NIGC - Security Operations Analyst 3
cFocus Software Incorporated, Washington, District of Columbia, United States
cFocus Software seeks a Security Operations Analyst 3 to join our program supporting the National Indian Gaming Commission (NIGC). This position is remote. This position requires a Public Trust clearance.
Qualifications
Active Public Trust clearance
B.S. Computer Science, Information Technology, or a related field
4+ years of experience in cybersecurity operations or SOC analysis
Demonstrated authoring of daily security analysis checklists, IR playbooks, threat reports
Hands-on with SIEM required; hands-on EDR required; hands-on with SOAR OR NDR required (at least one)
Strong knowledge of security monitoring, incident response, and threat detection
Familiarity with NIST frameworks, FISMA, and federal cybersecurity standards
Experience analyzing logs across network, endpoint, and cloud environments
Knowledge of Microsoft 365, Azure, and identity management (Entra ID)
Experience supporting federal agencies and compliance frameworks
Experience with VMware, Linux administration, and disaster recovery planning
Active certifications such as CISSP or GCIH or CEH
Experience with PowerShell scripting and automation tools
Duties
Perform all security analysis activities according to established standards.
Maintain threat awareness and monitor NIGC information systems for exploits and any suspicious activities; analyze aggregated logs and reports from security tools.
Develop a daily security analysis and reporting checklist and execute activities identified in the checklist.
Evaluate effectiveness of security analysis activities compared to best practices and recommend improvements.
Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls and execute proactive threat hunting activities to ensure confidentiality, integrity, and availability of NIGC information systems.
Develop detection and response configuration policies to increase automation and alerting.
Develop Incident handling procedures.
Execute Incident Response activities to include all associated actions according to the NIGC incident response plan.
Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations.
Collect security operations performance and NIGC security posture management metrics and prepare NIGC threat reports to inform risk management decisions.
#J-18808-Ljbffr
Qualifications
Active Public Trust clearance
B.S. Computer Science, Information Technology, or a related field
4+ years of experience in cybersecurity operations or SOC analysis
Demonstrated authoring of daily security analysis checklists, IR playbooks, threat reports
Hands-on with SIEM required; hands-on EDR required; hands-on with SOAR OR NDR required (at least one)
Strong knowledge of security monitoring, incident response, and threat detection
Familiarity with NIST frameworks, FISMA, and federal cybersecurity standards
Experience analyzing logs across network, endpoint, and cloud environments
Knowledge of Microsoft 365, Azure, and identity management (Entra ID)
Experience supporting federal agencies and compliance frameworks
Experience with VMware, Linux administration, and disaster recovery planning
Active certifications such as CISSP or GCIH or CEH
Experience with PowerShell scripting and automation tools
Duties
Perform all security analysis activities according to established standards.
Maintain threat awareness and monitor NIGC information systems for exploits and any suspicious activities; analyze aggregated logs and reports from security tools.
Develop a daily security analysis and reporting checklist and execute activities identified in the checklist.
Evaluate effectiveness of security analysis activities compared to best practices and recommend improvements.
Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls and execute proactive threat hunting activities to ensure confidentiality, integrity, and availability of NIGC information systems.
Develop detection and response configuration policies to increase automation and alerting.
Develop Incident handling procedures.
Execute Incident Response activities to include all associated actions according to the NIGC incident response plan.
Validate that sufficient and relevant information is captured and retained from security tools to support actionable security awareness and incident investigations.
Collect security operations performance and NIGC security posture management metrics and prepare NIGC threat reports to inform risk management decisions.
#J-18808-Ljbffr