Cyber SOC/Threat Analyst

PeopleTec


Job Location:

San Miguel, NM - USA

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Opportunity

PeopleTec is currently seeking a Cyber SOC/Threat Analyst to support our Camp Roberts (San Miguel CA) location.

The Local Defender is a critical cybersecurity role responsible for protecting the organization's digital assets through proactive monitoring, analysis, and response to cyber threats. This role combines the duties of a Security Operations Center (SOC) Analyst and Threat Analyst to ensure a holistic defense against emerging threats. Key responsibilities include monitoring security logs, analyzing and reporting cyber incidents, reviewing Common Vulnerabilities and Exposures (CVEs), and implementing directives from NETCOM (e.g., Cyber Tasking Orders, CTOs). Work is performed on-site with occasional on-call duties for critical incidents, in a collaborative, demanding environment requiring attention to emerging threats and vulnerabilities.

The preferred candidate will be well-versed in common cyber threats, vulnerabilities, and adversarial tactics, techniques, and procedures (TTPs). In this role the candidate is expected to work with minimal guidance in a cross-functional team, ensuring reports and recommendations are effectively communicated and actioned to support the Government customer and mission requirements.

Benefits offered can be found here: Benefits. In compliance with California's Equal Pay for Equal Work Act, the salary range for this role is $108,000 - $140,000; however, PeopleTec considers several factors when extending an offer, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and critical skills.

Qualifications

Required Skills/Experience:

SOC Activities and Duties

  • Monitor and analyze security events and alerts generated by SIEM platforms, firewalls, IDS/IPS, and endpoint detection tools to identify potential threats and anomalous behavior.
  • Perform basic system administration functions on the sensor capability systems and components, such as applying patches and updates, if touch labor is required.
  • Analyze data from installed OT sensors to identify patterns and trends, and assist with the reports generated regarding system performance and health.
  • Diagnose and resolve issues related to sensor data, including malfunctioning sensors, communication problems, and data integrity problems, if necessary.
  • Analyze potential security incidents and investigate to determine the scope, impact, and root cause, and recommend effective remediation strategies.
  • Perform triage on security incidents to identify root causes and recommend appropriate mitigation measures.
  • Conduct regular reviews of SIEM reports to identify patterns, trends, and potential vulnerabilities within the organization's infrastructure.
  • Develop actionable recommendations based on SIEM data analysis to enhance detection capabilities, optimize alert configurations, and address identified gaps.
  • Escalate critical incidents to senior leadership or appropriate teams and provide detailed incident summaries with proposed mitigation actions.
  • Maintain accurate documentation of security events and incident-handling procedures.

Threat Analysis & Intelligence

  • Monitor and evaluate Cyber Tasking Orders (CTOs) and other directives from NETCOM, ensuring compliance and timely implementation of mitigations.
  • Conduct research on the latest threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs) relevant to the organization's environment.
  • Collaborate with other cybersecurity team members and the government customer to integrate threat intelligence into incident detection and response processes.
  • Analyze CVEs, security bulletins, threat intelligence feeds, and security advisories to assess their relevance and potential impact to the mission and the organization's environment.
  • Correlate threat intelligence with SIEM findings to identify and assess emerging threats.
  • Develop and communicate proactive mitigation strategies based on threat landscape trends and adversary tactics.

Reporting & Communication

  • Generate detailed and actionable reports for leadership from SIEM platforms, summarizing identified threats, incidents, and remediation steps.
  • Provide recommendations for improving the organization's cybersecurity posture based on incident trends and threat intelligence.
  • Maintain clear communication with cross-functional teams to ensure alignment with security objectives and protocols.
  • Generate detailed reports on threats, false positives, and actionable insights.
  • Provide the Government customer and leadership with concise, data-driven recommendations for enhancing the organization's cybersecurity defenses based on SIEM trends and incident analysis.
  • Prepare summaries and status updates of security posture improvements resulting from SIEM data analysis and implemented recommendations.

Security Tool Management & Optimization

  • Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms.
  • Work with the team to improve the accuracy, reliability, and efficiency of OT sensor data collection and analysis.
  • Conduct periodic reviews and updates of security tools to address gaps or inefficiencies.
  • Participate in the testing and implementation of new security technologies as required.
  • Collaborate with the team and the stakeholder community to fine-tune SIEM configurations, including custom rule creation and log source integration, to improve threat detection accuracy.
  • Conduct periodic evaluations of SIEM and related tools, providing recommendations for feature enhancements or additional capabilities.
  • Support the testing and deployment of security solutions to ensure seamless integration with the existing monitoring infrastructure.
  • Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS).
  • Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices.
  • Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements.
  • Meet DoD and Army training and certification requirements for system administration (DoD 8140 IAT Level II).
  • Strong analytical and problem-solving skills with attention to detail.
  • Travel: 20%. Travel may include CONUS and OCONUS.
  • Must be a U.S. Citizen.
  • An active DoD Secret clearance is required to perform this work. Candidates are required to have an active Secret clearance upon hire and the ability to achieve a Top Secret security clearance.

Certifications:

CISSP, CompTIA Security+, CySA+, CEH, GIAC certification, Splunk, Cisco Certified CyberOps Associate (DoD 8140 IAT Level II)

Education Requirements:

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
  • Minimum of 10 plus years of work-related experience.
  • 2 years of experience in a SOC, cybersecurity, or related role.

Physical Job Requirements:

  • Work is performed with little or no direct supervision. Work may be performed both indoors and outdoors. May require travel to less-desirable locations. This position may require CONUS and/or OCONUS travel. Work may require being able to lift, carry, or move items up to approximately forty pounds. Work may require climbing on military equipment. Work will be located onsite at a military site.

Desired Skills:

  • GIAC Penetration Tester (GPEN)
  • Offensive Security Certified Professional (OSCP)
  • Experience with scripting languages (e.g., Python, PowerShell) for automating security tasks.
  • Previous experience with Dragos OT sensor equipment preferred.
  • Previous experience with Tenable OT preferred.
  • Understanding of advanced threat detection methodologies and incident response processes.
  • Excellent verbal and written communication skills for creating technical reports and presentations.

Overview

People First. Technology Always.

PeopleTec, Inc. is an employee-owned small business founded in Huntsville, AL that provides exceptional customer support by employing and retaining a highly skilled workforce.

Culture: The name PeopleTec was deliberately chosen to remind us of our core value system - our people. Our company's foundation was built on placing our employees and customers first. With an award-winning atmosphere, we have matured into a company that boasts the best and brightest across multiple technical fields.

Career: At PeopleTec we value your long-term goals. Whether it's through our continuing-education opportunities, our robust training programs, or our People First benefits package, PeopleTec truly believes that our best investments are our people.

Come Experience It.


EEO Statement

PeopleTec, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following email address and/or phone number (256.319.3800) to contact us about your interest in employment with PeopleTec, Inc.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status, or any other status protected by federal, state, or local law. PeopleTec, Inc. participates in E-Verify.


Required Experience:

IC
