Security Operation Center (SOC) Analyst II "W-TRS" Schofield Barracks Hawaii A SOC Analyst is responsible for cybersecurity operations, incident response, and defensive cyber measures across both centralized and distributed locations in support of the Warfighter Training Readiness Solutions (W-TRS) program under the U.S. Army PEO STRI. The role involves continuous 24x365 monitoring, analysis, and response to cyber threats, ensuring adherence to best practices and operational procedures for defensive cyber operations. The analyst proactively implements defense strategies, maintains compliance and reporting metrics, and ensures alignment with DoD cybersecurity policies. Additionally, they generate reports related to FISMA, RMF ConMon, and security incidents while operating, maintaining, and deploying enterprise cyber tools.
Required Skills: - Brings hands-on experience in cybersecurity operations (including protection, detection, response, and sustainment).
- Possesses extensive technical expertise in current cybersecurity technologies and emerging innovations.
- Demonstrates knowledge of the lifecycle of cybersecurity threats and use of existing TTPs.
- Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.
Responsibilities: - Shall support production of documentation and associated artifacts, the implementation of Cybersecurity requirements as identified in DoDI 8510 and AR 25-2 based upon the System Categorization under the Risk Management Framework (RMF)
- Operate workstation, and collect, analyze, and assimilate data into usable
- Execute Incident Responses for all incidents involving the system, prepare incident reports, and submit to appropriate IA personnel
- Validate IA Vulnerability Alerts (IAVAs) for supported baselines via vulnerability scanning
- Responsible for the maintenance and security of the current and future baseline.
- Ensure all components have a representative security configuration baseline documented.
- Continuous monitoring and compliance testing to validate the current configurations,
- Analyze and correlate audit records using the Security Incident & Event Management (SIEM)
- Analyze security requirements, perform functional and security testing, prepare initial RMF documents for system Assessment and Authorization (A&A), and present the security architecture.
- Monitor and control communications at the external boundaries, including unauthorized software, to include mobile code.
- Notify site IA personnel immediately upon detection of an unauthorized network service
- Configure and enable required security features
- Centrally review, analyze, correlate, and store audit records from multiple components within the system using the various SIEM tools and monitoring capabilities.
- Perform necessary auditing and audit review
- Perform / Monitor account management and account
- Ensure backups of audit logs is performed weekly.
- Support execution of annual FISMA according to the Assessment and Authorization (A&A) and ATO requirements
Desired Skills: - 3+ years of Incident handling experience
- Experience working with DoD / U.S. Army / Federal Government
- Experience with software/tools: Assured Compliance Assessment Solution (ACAS), Splunk, Endpoint Security Solution (ESS), Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS, SRGs, STIGS, DISA STIG Viewer, SCC/SCAP, Evaluate STIG, Windows, Linux (RHEL)
- Experience as a SOC Analyst I or related Cyber position under CSSP
Desired Certification: CYSA+* or other CSSP certifications
Education Requirements : Bachelor's degree in Cybersecurity and Information Assurance; Advanced degree(s) preferred.
Experience Requirements: Bachelor's degree + 6 years of relevant experience, Master's degree + 6 years of relevant experience,
Clearance Requirements: Current U.S. DoD Secret Clearance
