NL-25-023 Security Operations Center (SOC) Analyst Job at nLogic, Concord, CA

dS9jR2JIaTN0Z09FVXkwbUNBU1JlWjdnK3c9PQ==
  • nLogic
  • Concord, CA

Job Description

nLogic is hiring a Security Operations Center Analyst, also known as Local Defender, at Military Ocean Terminal Concord in Concord, California. The Local Defender is a critical cybersecurity role responsible for protecting the organization's digital assets through proactive monitoring, analysis, and response to cyber threats. This role combines the duties of a Security Operations Center (SOC) Analyst and Threat Analyst to ensure a holistic defense against emerging threats. Key responsibilities include monitoring security logs, analyzing and reporting cyber incidents, reviewing Common Vulnerabilities and Exposures (CVEs), and implementing directives from NETCOM (e.g., Cyber Tasking Orders – CTO). Work is performed on-site with occasional on-call duties for critical incidents in a collaborative, demanding environment requiring attention to emerging threats and vulnerabilities.

The preferred candidate will be well-versed in common cyber threats, vulnerabilities, and adversarial tactics, techniques, and procedures (TTPs). In this role, the candidate is expected to work with minimal guidance, in a cross-functional team, ensuring reports and recommendations are effectively communicated and actioned to support the Government customer and mission requirements.

Duties Include

  • SOC Activities and Duties
    • Monitor and analyze security events and alerts generated by SIEM platforms, firewalls, IDS/IPS, and endpoint detection tools to identify potential threats and anomalous behavior.
    • Analyze potential security incidents and investigate to determine the scope, impact, and root cause, and recommend effective remediation strategies.
    • Perform triage on security incidents to identify root causes and recommend appropriate mitigation measures.
    • Conduct regular reviews of SIEM reports to identify patterns, trends, and potential vulnerabilities within the organization's infrastructure.
    • Develop actionable recommendations based on SIEM data analysis to enhance detection capabilities, optimize alert configurations, and address identified gaps.
    • Escalate critical incidents to senior leadership or appropriate teams and provide detailed incident summaries with proposed mitigation actions.
    • Maintain accurate documentation of security events and incident-handling procedures.
  • Threat Analysis and Intelligence
    • Monitor and evaluate Cyber Tasking Orders (CTOs) and other directives from NETCOM, ensuring compliance and timely implementation of mitigations.
    • Conduct research on the latest organization’s environment threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs).
    • Collaborate with other cybersecurity team members and the government customer to integrate threat intelligence into incident detection and response processes.
    • Analyze CVEs, security bulletins, threat intelligence feeds, and security advisories to assess their relevance and potential impact to the mission and the organization’s environment.
    • Correlate threat intelligence with SIEM findings to identify and assess emerging threats.
    • Develop and communicate proactive mitigation strategies based on threat landscape trends and adversary tactics.
  • Reporting and Communication
    • Generate detailed and actionable reports for leadership from SIEM platforms summarizing identified threats, incidents, and remediation steps.
    • Provide recommendations for improving the organization’s cybersecurity posture based on incident trends and threat intelligence.
    • Maintain clear communication with cross-functional teams to ensure alignment with security objectives and protocols.
    • Generate detailed reports on threats, false positives, and actionable insights.
    • Provide the Government customer and leadership with concise, data-driven recommendations for enhancing the organization’s cybersecurity defenses based on SIEM trends and incident analysis.
    • Prepare summaries and status updates of security posture improvements resulting from SIEM data analysis and implemented recommendations.
  • Security Tool Management and Optimization
    • Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms.
    • Conduct periodic reviews and updates of security tools to address gaps or inefficiencies.
    • Participate in the testing and implementation of new security technologies as required.
    • Collaborate with the team and the stakeholder community to fine-tune SIEM configurations, including custom rule creation and log source integration, to improve threat detection accuracy.
    • Conduct periodic evaluations of SIEM and related tools, providing recommendations for feature enhancements or additional capabilities.
    • Support the testing and deployment of security solutions to ensure seamless integration with the existing monitoring infrastructure.
Required Skills And Experience

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
  • Minimum of 10 years in IT/OT roles, including at least 3-5 years of experience in a senior role.
  • 2+ years of experience in a SOC, cybersecurity, or related role.
  • Active DoD Secret Security Clearance required.
  • Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS).
  • Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices.
  • Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements.
  • Strong analytical and problem-solving skills with attention to detail.
  • Requires working on-site and as needed during incidents.
  • May require CONUS and/or OCONUS travel to customer sites. 

Preferred Qualifications

  • Experience with scripting languages (e.g., Python, PowerShell) for automating security tasks.
  • Understanding of advanced threat detection methodologies and incident response processes.
  • Excellent verbal and written communication skills for creating technical reports and presentations.
  • Certifications:
    • CISSP, CompTIA Security+, CySA+, CEH, or GIAC certifications (e.g., GCIH, GCIA), Splunk Core Certified User / Power User, Cisco Certified CyberOps Associate
Candidate must be a U.S. Citizen. This position requires a SECRET Security Clearance. This is a full-time position that is fully onsite located at Military Ocean Terminal Concord in Concord, California. The expected salary range is $97,000 to $132,000

Job Tags

Full time, Local area,

Similar Jobs

John C. Flood

Call Center Manager Job at John C. Flood

 ...Customer Service Manager Home Services at John C. Flood &##128205; Alexandria, VA | &##128188; Full-time | &##128736; HVAC / Plumbing / Electrical' Were looking for a confident, call-converting, people-developing leader to take charge of our customer service... 

Union Beer Distributors

Off Premise Beer Sales Representative - Bronx NY Job at Union Beer Distributors

 ...Union Beer Distributors is currently looking for an Off-Premise Sales Representative Bronx NY to sell, promote and grow our ever-...  ...offered an extensive portfolio of world class beer, cider, kombucha, wine, spirits, and non-alcoholic beverages. The company is committed... 

GHR Healthcare - Travel Division

Travel Nurse Level III RN - PreOp / PACU - Post Anesthesia Care - $2,940 per week Job at GHR Healthcare - Travel Division

 ...GHR Healthcare - Travel Division is seeking a travel nurse RN PreOp / PACU - Post Anesthesia Care Level III for a travel nursing job in Rochester, New York. Job Description & Requirements ~ Specialty: PreOp / PACU - Post Anesthesia Care ~ Discipline: RN ~ Start... 

Get It - Healthcare

RN Triage Nurse - Remote Job at Get It - Healthcare

Are you a Registered Nurse with pediatric and adult care experience looking for an exciting...  ...department (ED), call centers, or triage within a provider's office. Strong multi...  ...take on an exciting and rewarding role in telephone triage, we'd love to hear from you! Submit... 

RWD Consulting, LLC

Driver/Courier Job at RWD Consulting, LLC

 ...Driver/Courier Location: Silver Spring Schedule: M-F; 10am 6pm Pay Rate: $22.00...  ...governmental agencies, may occasionally transport office personnel and visitors, perform...  ...errands, such as carrying mail to and from the post office and sorting or opening incoming...