SOC Analyst

Title: SOC Analyst
Location: Fully Remote
Citizenship/Clearance Requirement: US Citizen with a Secret Clearance

Member of the IO SecOps team. Provides hands-on technical expertise and is engaged in ensuring the confidentiality, integrity, availability, and non-repudiation of all IT systems operated by or on behalf of the Department of the Treasury. Whomever is selected for this position will assist in efforts to plan, develop, and oversee security aspects of multiple concurrent vital IT programs for Infrastructure Operations (IO); will perform against goals set by federal and/or contract management, and be expected to perform assigned duties with a high degree of independence.

1. Provides technical expertise to the Security Operations (SecOps) team with respect to technical execution of daily workloads.
2. Maintains hands-on operational, technical, and situational awareness of the planning and execution of multiple, concurrent computer SecOps activities of a Federal Agency.
3. Identifies relevant cyber threat trends, Tactics, Techniques, and Procedures (TTPs), and cyber tool developments.
4. Provides risk analysis recommendations and mitigation strategies on the safe and effective execution of SecOps operation.
5. Participates in the development of products, reports, and briefings for senior Treasury officials and customers explaining complex, technical findings and the strategic implications of vulnerabilities identified.
6. SOC Analysts serve as a mid to senior level Subject Matter Expert (SME) on technical operations across the operational lifecycle of in-scope systems.
7. Provides mentoring and professional guidance/development to SecOps team members (skills sharing).
8. Creates and updates daily/weekly/monthly standard operating procedures as necessary.
9. Participates in the incident response activities as needed for systems and services within scope.
10. Participates in vulnerability management activities for systems and services within scope.
11. Undergoes required security training and development opportunities for the organization as assigned by management.
12. Performs analysis, reporting, and remediation (plan of action and milestones) of security incidents, threat assessments, and findings from audits, testing, and other sources to the assigned infrastructure and in scope systems.
13. Ensures consistency in individual work outcomes, adequacy, and contributes to the success of the programs by consistently following established operational processes, procedures, and mechanisms for securely managing information systems security.
14. Identifies need for system changes based on new security technologies or threats; reviews proposed new systems, networks, and software designs for potential security risks; and assists in the development of long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities.
15. Participates in systems security evaluations, audits, and reviews; participates in network and systems design to ensure implementation of appropriate systems security policies.
16. Provides expert technical advice, guidance, and recommendations to management and other technical specialists on compliance with Treasury's security program, monitoring, and improvement of its security posture.
17. Consults with customers to evaluate functional requirements; coordinates with systems architects and developers to provide oversight in the development of IT design solutions.
18. Identifies issues, impediments, and obstacles to achieving IT security goals and program success and provides potential solutions to management.
19. Assists in the development of policies, procedures, and strategies to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to Treasury systems and digital services offered by the government to the Department and its Bureaus, the general public, other agencies, and business entities in the public and private sector.
20. Serves as a subject matter expert on high level information technology issues related to security for personally identifiable information, sensitive but unclassified controlled unclassified information, classified information, as well as information privacy concerns as required.
21. Participates in efforts to address issues with IT security where precedents do not exist and that require the development of new concepts and approaches to determine the acceptability of these new approaches.
22. Serves as subject matter expert for a diverse range of issues related to IT security, technology, digital service delivery, and/or technology policy, as well as more widespread issues affecting the substantive office's mission in one or more areas.
23. Participates in technology initiatives or technology policy initiatives across the government, promoting integration of secure digital applications, standards-based approaches to secure development, and modern project management and development processes.
24. Participates in and drives the adoption and creation of government-wide standards for developing digital services, based upon best practices from the private sector such as agile development methodologies and open-source practices.
25. Uses technical expertise, creativity, and judgment, to develop, define and lead the integration of IT security into all aspects of software development, operations, and maintenance, devising innovative ways to solve problems of major importance. Reviews related security initiatives for technical and programmatic feasibility and adherence with the organizations and federal standards, regulations and policies dealing with customer perspective on technology.
26. Utilizes Digital Analytics (qualitative and quantitative measurements of application system website data), in order to improve IT security and balance the customer experience across component areas. Incumbent conducts sophisticated research using quantitative and qualitative methods.
27. Conducts systems security evaluations, audits, and reviews. Gathers and analyzes findings; organizes documentation, consults with systems users, and develops recommendations used to identify and define systems security requirements.
28. Monitors application of approved security procedures by systems users.
29. Develops, recommends, and implements approved security contingency plans, incident response plans, and disaster recovery procedures.
30. Maintains comprehensive knowledge of new technology and other developments in the field of information technology and cybersecurity. Instructs seniors, peers, and junior employees on new information and trends.

Educational Requirements: BA/BS or the equivalent combination of education, technical training, or work/military experience

Certification Requirements: Preferred Skills: N/A

Arena Technical Resources, LLC, (ATR) is an Equal Opportunity Employer (EOE) who will provide equal employment opportunity to employees and applicants for employment without regard to race, ethnicity, religion, color, sex, pregnancy, national origin, age, veteran status, ancestry, sexual orientation, gender identity or expression, marital status, family structure, genetic information, or mental or physical disability.