Cybersecurity Analyst

We are seeking a highly skilled Cybersecurity Analyst to join our team at COLSA Corporation. As a Cybersecurity Analyst, you will be responsible for performing system monitoring and analysis support for the detection of cyber incidents and providing recommendations on how to correct findings.

• Submit and track all service tickets submitted internally and externally for Operational Technology (OT) systems.
• Monitor and log SOC Request/CNOC actions and response.
• Assist in OT investigations of significant incidents and reporting.
• Submit and track all service tickets submitted on behalf of customers internally and to external organizations.
• Provide timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs.
• Evaluate and escalate OT cyber incidents that require further in-depth analysis to SOC Incident Analysis.
• Categorize and prioritize OT cyber events and other SOC service requests.
• Document and track incidents in accordance with reporting procedure and archive historical OT SOC data.
• Provide situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures.
• Monitor and analyze OT SIEM events to identify potential security risks and vulnerabilities.
• Triage events and investigate to identify OT security incidents.
• Log security incidents in the IT/OT ticketing system.
• Manage OT security incidents throughout their lifecycle to closure.
• Coordinate with other technical teams to investigate, document, and resolve issues.
• Make recommendations for ongoing tuning and updates to the SIEM system.
• Analyze events to identify threats and risks.
• Support ad-hoc data and investigation requests.
• Conduct security and vulnerability scans as directed using established processes.

• Associate's or Bachelor's degree in a related technical field or equivalent experience; minimum of 3 related certifications may be used in place of unrelated degree field.
• 4-10 plus years of work-related experience.
• DoD 8140/8570 IAT Level II certification.
• Must be able to obtain/maintain a Secret security clearance; US citizenship required.
• Ability to work onsite daily.
• Ability to clearly present and communicate technical approaches and findings.
• Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).
• Familiarity with the MITRE Att&ck Framework.
• Strong understanding of OSI model, network security concepts, security classification guides, and CJCSM 6510.01B concepts and activities.

• Advanced degree preferred.
• Active Secret clearance.
• DoD experience.
• Tenable.SC Specialist Certification, Tenable.OT Specialist Certification, Dragos Platform Certified User (DPCU), or Dragos ICS-OT Cybersecurity Training.
• ICS/OT penetration testing experience.
• System administration experience and IT certifications in Linux or Microsoft are a plus.
• Experience with networking protocols, design (switches, routers, firewalls, etc.) and terminology, or network administration is a plus (Cisco, Juniper, Ubiquiti etc.).
• Understanding of the Purdue model, Industrial Control Systems, and Operational Technology is desired.

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.