The Cybersecurity Analyst performs professional-level cybersecurity work supporting Security Operations Center (SOC) operations, enterprise security monitoring, remediation tracking, and related risk support activities. This position evaluates security events, analyzes logs and system data, determines appropriate incident escalation, and prioritizes remediation activities within established cybersecurity procedures and operational practices. The role assesses security conditions, coordinates response activities, maintains operational visibility, and provides technical consultation to senior cybersecurity staff regarding matters that may affect security operations and risk management practices.

ESSENTIAL DUTIES AND RESPONSIBILITIES (and other duties as assigned)

Security Operations & Splunk Support:
• Evaluate security events and alerts within the system and related tools to identify potential threats, anomalies, and operational risk indicators.
• Develop, tune, and maintain system dashboards, alerts, and reports to support security monitoring and operational decision-making.
• Determine appropriate escalation paths for security events based on risk, severity, business impact, and established response criteria.
• Coordinate log onboarding, data validation, and troubleshooting of data inputs within the system to maintain effective monitoring coverage.
• Maintain and improve SOC documentation related to monitoring coverage, alert logic, escalation criteria, and operational practices.

Incident Detection & Response Support:
• Analyze security alerts by reviewing logs, event data, and supporting technical information to determine appropriate response actions.
• Document incident findings, escalation decisions, remediation status, and supporting evidence in accordance with established security practices.
• Apply established runbooks and response procedures while exercising judgment to identify exceptions, escalation needs, and remediation priorities.
• Coordinate with IT teams to track remediation activities, validate corrective actions, and communicate outstanding risk or operational concerns.
• Provide technical consultation to senior cybersecurity staff regarding incident escalation, remediation prioritization, and recurring security trends.

Third-Party Risk & Assessment Processing:
• Coordinate intake, review, and tracking of third-party cybersecurity assessments in alignment with established risk management practices.
• Maintain third-party risk records and evaluate documentation completeness, open findings, and remediation status.
• Coordinate with internal stakeholders to obtain required assessment information and communicate outstanding vendor risk items.
• Track remediation activities related to vendor findings and identify items requiring escalation or additional technical review.

Compliance & Operational Support:
• Maintain compliance documentation including SSPs, POA&Ms, evidence records, and related operational security documentation.
• Gather, organize, and validate required audit evidence and supporting documentation for cybersecurity and risk management activities.
• Interpret and apply organizational security policies and procedures when evaluating security events, remediation status, and documentation requirements.

Collaboration & Reporting:
• Work closely with senior cybersecurity staff and IT teams to coordinate security monitoring, incident escalation, and remediation tracking activities.
• Prepare SOC reporting, alert trend information, operational metrics, and remediation status updates to support technical review and decision-making.
• Communicate findings, risk indicators, and escalation recommendations clearly and professionally to appropriate technical stakeholders.

EXPERIENCE, SKILLS and/or EDUCATION
• Bachelor's degree in Cybersecurity, Information Technology, or another related field. (Additional experience may substitute on a year for year basis.)
• Three (3) years of experience in cybersecurity or related IT support.
• Basic experience with SIEM tools (preferably Splunk) or log analysis concepts to identify and evaluate security events.
• Understanding of security monitoring, incident response, remediation tracking, and cybersecurity fundamentals.
• Familiarity with NIST, CMMC, or similar frameworks preferred.
• Proficiency in Microsoft 365 and enterprise IT environments preferred.
• Relevant certifications such as Security+ or Network+ preferred.

LEADERSHIP COMPETENCY REQUIREMENTS FOR INDIVIDUAL CONTRIBUTOR LEVEL

ASRC's Core competencies include Leading Self, Leading People, and Leading the Organization. In addition to our core competency model, our framework includes competencies specific to the various levels of positions within our company. For more information on our core competencies, please contact the HR Department and reference the ASRC Leadership Framework.

Customer Focus

• Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.

Drive for Results

• Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.

Problem Solving

• Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.

Time Management

• Uses time effectively and efficiently, concentrating his/her efforts on the more important priorities.

PHYSICAL DEMANDS

The physical demands described herein are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to sit; reach with hands and arms; and to use hands to finger, handle, or feel. The employee is occasionally required to stand, walk, climb or balance. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job includes the ability to adjust focus.

WORK ENVIRONMENT

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The work environment is in a busy office setting. The noise level in the work environment is usually moderate. While performing the duties of this job, the employee may be occasionally exposed to outside weather conditions and may be required to travel in small and large commercial aircraft for overnight and/or multiday trips.

NOTE: This document does not create an employment contract, implied or otherwise. The statements contained herein are intended to describe the principal functions of this position, the level of knowledge and skill typically required, and the scope of responsibilities, but should not be considered an all-inclusive listing of work requirements.