StraitSys Inc
Regular
Job Responsibilities include: Supports our Army customer in a critical cybersecurity role by ensuring continuous monitoring in accordance with the DoD Risk Management Framework (RMF), providing system monitoring and analysis support for the detection of cyber incidents, and recommending how to correct findings. This role combines the duties of an ISSO, Security Operations Center (SOC) Analyst, and Threat Analyst to ensure a holistic defense against emerging threats. Performs tasks in a variety of areas, including:
- Serve as the ISSO in support of the ISO for assigned systems, ensuring full compliance with RMF, DoDI 8510.01, and NIST SP 800-53 security control baselines.
- Manage and maintain all RMF-related documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
- Conduct security control assessments and facilitate ongoing authorization (ATO/ATC) activities.
- Lead vulnerability and compliance assessments using automated tools (e.g., ACAS, STIG Viewer) and ensure all findings are remediated or tracked via POA&Ms.
- Monitor security logs, analyze and report cyber incidents, review Common Vulnerabilities and Exposures (CVEs), and implement directives from NETCOM (e.g., Cyber Tasking Orders - CTO).
- Work is performed on-site with occasional on-call duties for critical incidents in a collaborative, demanding environment requiring attention to emerging threats and vulnerabilities.
- Monitor and analyze security events and alerts generated by SIEM platforms, firewalls, IDS/IPS, and endpoint detection tools to identify potential threats and anomalous behavior.
- Submit and track all service tickets submitted internally and externally for Operational Technology (OT) systems.
- Analyze potential security incidents and investigate to determine the scope, impact, and root cause, and recommend effective remediation strategies, based on SIEM data analysis, in accordance with SLAs and OLAs.
- Conduct research on the latest threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs) relevant to the organization's environment.
- Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms.
- Generate detailed and actionable reports for leadership from SIEM platforms summarizing identified threats, incidents, and remediation steps.
Minimum Requirements:
- Bachelor's degree or higher, preferably in Engineering, Cyber, Computer Information Systems, Computer Science, Math, Physics, or other STEM discipline; however, years of experience may be substituted for a degree.
- Minimum of 10 years of work-related experience.
- Minimum of 2+ years of ISSO type experience.
- Security+, or other DoD 8570/8140 IAT Level II certification.
- Ability to work on-site daily.
- eMASS experience.
- Experience or familiarity with the ATO process.
- Familiarity with vulnerability management tools such as ACAS, STIG Viewer, and SCAP Compliance Checker.
- Familiarity with DRAGOS, Corelight, Splunk, and Snort.
- Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS).
- Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices.
- Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements.
- A high-level performer with the ability to be proactive and respond rapidly to changing conditions in a fast-paced environment.
- May require CONUS and/or OCONUS travel to customer sites, <10%.
Preferred Requirements:
- Any of these certifications: CISSP, CySA+, GIAC Penetration Tester (GPEN), CEH, or GIAC certifications (e.g., GCIH, GCIA), Splunk Core Certified User / Power User, Cisco Certified CyberOps Associate, Offensive Security Certified Professional (OSCP).
- Experience with scripting languages (e.g., Python, PowerShell) for automating security tasks.
- Understanding of advanced threat detection methodologies and incident response processes.
PREFERENCE STATEMENT Preference will be given to Calista shareholders and their descendants and to spouses of Calista shareholders, and to shareholders of other corporations created pursuant to the Alaska Native Claims Settlement Act, in accordance with Title 43 U.S. Code 1626(g).
EEO STATEMENT Additionally, it is our policy to select, place, train and promote the most qualified individuals based upon relevant factors such as work quality, attitude and experience, so as to provide equal employment opportunity for all employees in compliance with applicable local, state and federal laws and without regard to non-work related factors such as race, color, religion/creed, sex, national origin, age, disability, marital status, veteran status, pregnancy, sexual orientation, gender identity, citizenship, genetic information, or other protected status. When applicable, our policy of non-discrimination applies to all terms and conditions of employment, including but not limited to, recruiting, hiring, training, transfer, promotion, placement, layoff, compensation, termination, reduction in force and benefits.
REASONABLE ACCOMMODATION It is Calista and Subsidiaries' business philosophy and practice to provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities.
The statements contained in this job description are intended to describe the general content and requirements for performance of this job. It is not intended to be an exhaustive list of all job duties, responsibilities, and requirements.
This job description is not an employment agreement or contract. Management has the exclusive right to alter the scope of work within the framework of this job description at any time without prior notice.