FedRAMP SOC Analyst

Location: This position will work a hybrid model (remote & office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations.

The FedRAMP SOC Analyst will be responsible for providing the first line of defense against cyber threats. Your core focus will be cybersecurity operations, incident response, and ensuring compliance with the Federal Risk and Authorization Management Program (FedRAMP).

How You Will Make An Impact:

• Oversee the monitoring, detection, and analysis of potential threats and vulnerabilities in alignment with cyber security strategy and the Federal Risk Authorization Management Program (FedRAMP).

• Ensure compliance with IT/Cyber certification, training, and knowledge mandates that are enforced by the DoDD 8140.01.

• Perform the detailed and repeatable execution of all operational tasks as documented in SOC processes and subordinate procedures.

• Monitor the SOC Triage Channel for security events.

• Provides trouble resolution on complex problems and leads implementations for system and network security technologies.

• Develop testing plans to ensure quality of implementation; coordinates and prepares the reporting of data security events and incidents.

• Provides system and network architecture support for information and network security technologies.

• Close or escalate security events as necessary.

• Update all relevant documentation such as shift logs and tickets.

• Identify impact of incidents on systems, and using available tools determine if data was exfiltrated.

• Develop and refine processes for the response and investigation of security incidents and participate in mitigation efforts.

• Coordinate with relevant teams to drive incident resolution, responsible for conducting post-incident analysis and reports.

• Aid in the creation and continuous improvement of automated security incident response activities.

• Support the development, implementation, and maintenance of cybersecurity policies, standards, and guidelines.

Minimum Requirements:

• Requires a minimum of 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background.

• Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.

• U.S. Citizenship is required for this position (This position/candidate will support the Department of Defense Military OneSource program).

• Security Clearance issued by Department of Defense is required as part of this role (Security Clearance at the time of hire is preferred, or you must be willing to submit and obtain necessary credentials).

Preferred Skills, Capabilities & Experiences:

• Proven experience as a cybersecurity operations analyst or a similar role preferred.

• Strong knowledge of cybersecurity operations, incident handling, threat intel and defensive security techniques.

• Experience using EDR, SIEM, SOAR and other security technologies to investigate security incidents preferred.

• Understanding of network defense technologies, TCP/IP networking, Active Directory, cryptographic protocols, and application security is a plus.

• Proficiency in FedRAMP and NIST guidelines, protocols, and standards highly preferred.

• Prior experience working within a collaborative cross-functional environment is a plus.

• Knowledge of system and network architecture and interconnectivity is a plus.

• Excellent project management, communication, and presentation skills is preferred.

• Relevant certifications such as the CISSP, GCIH, or Certified Ethical Hacker (CEH) is preferred.

This job is assigned to an entity that conducts government business, the applicant and incumbent fall under a `sensitive position' work designation and is subject to additional requirements beyond those associates outside Government Business Divisions. Requirements include, but are not limited to, obtaining and maintaining a 'Secret level security clearance', which entails more stringent and frequent background checks, segregation of duties principles, role specific training, monitoring of daily job functions, and sensitive data handling instructions. Associates in these jobs must follow the specific policies, procedures, guidelines, etc. as stated by the Government Business Division in which they are employed.