OASYS, INC.
Cybersecurity ISSO / SOC Analyst with Security Clearance
OASYS, INC., Kingsport, Tennessee, US, 37662
OASYS, INC., a leading-edge government contractor, is seeking a Cybersecurity ISSO / SOC Analyst to support our Army customer at Holston Army Ammunition Plant (HSAAP) in Kingsport, TN.
Responsibilities
Serve as the ISSO in support of the ISO for assigned systems, ensuring full compliance with RMF, DoDI 8510.01, and NIST SP 800-53 security control baselines.
Manage and maintain all RMF-related documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
Conduct security control assessments and facilitate ongoing authorization (ATO/ATC) activities.
Lead vulnerability and compliance assessments using automated tools (e.g., ACAS, STIG Viewer) and ensure all findings are remediated or tracked via POA&Ms.
Monitor security logs, analyze and report cyber incidents, review Common Vulnerabilities and Exposures (CVEs), and implement directives from NETCOM (e.g., Cyber Tasking Orders – CTO).
Work on-site with occasional on-call duties for critical incidents in a collaborative, demanding environment requiring attention to emerging threats and vulnerabilities.
Monitor and analyze security events and alerts generated by SIEM platforms, firewalls, IDS/IPS, and endpoint detection tools to identify potential threats and anomalous behavior.
Submit and track all service tickets submitted internally and externally for Operational Technology (OT) systems.
Analyze potential security incidents and investigate to determine the scope, impact, and root cause, and recommend effective remediation strategies based on SIEM data analysis, in accordance with SLAs and OLAs.
Conduct research on the latest organizational environment threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs).
Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms.
Generate detailed and actionable reports for leadership from SIEM platforms summarizing identified threats, incidents, and remediation steps.
Qualifications
Bachelor’s Degree or higher (additional experience may be considered).
Minimum of 10 years of work-related experience.
Minimum of 2+ years of ISSO-type experience.
Security+ or other DoD 8570/8140 IAT Level II certification.
Ability to work on-site daily.
Experience with eMASS.
Experience or familiarity with the ATO process.
Familiarity with vulnerability management tools such as ACAS, STIG Viewer, and SCAP Compliance Checker.
Familiarity with DRAGOS, Corelight, Splunk, Snort.
Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS).
Familiarity with CVEs, threat intelligence frameworks (MITRE ATT&CK), and vulnerability management practices.
Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements.
A high-level performer with the ability to be proactive and respond rapidly to changing conditions in a fast‑paced environment.
May require CONUS and/or OCONUS travel to customer sites.
Seniority Level: Mid‑Senior level
Employment Type: Full‑time
Job Function: Information Technology
Industries: IT Services and IT Consulting