Cyber Security Analyst (Internal)

OSC EdgeTech, LLC is seeking a talented Cyber Security Analyst to join the team. 

OSC EdgeTech is a wholly owned subsidiary of Cook Inlet Region, Inc. (CIRI), an Alaska Native Corporation proudly owned by over 9,400 Shareholders. OSC EdgeTech was created to deliver agile, responsive IT solutions to meet the evolving needs of federal and defense customers. As an SBA-certified 8(a) entity with a Facility Clearance (FCL), OSC EdgeTech streamlines the acquisition process while maintaining the trusted quality, security, and innovation that define OSC Edge.

Cook Inlet Region, Inc., also known as CIRI, is one of 12 land-based Alaska Native regional corporations created pursuant to the Alaska Native Claims Settlement Act (ANCSA). CIRI’s regional boundaries roughly follow the traditional Dena’ina territory of Southcentral Alaska. CIRI was incorporated on June 8, 1972, and is owned today by a diverse group of more than 9,500 Shareholders who live in Alaska and throughout the world.

OSC EdgeTech offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401K with employer match, dental, vision, health insurance plans, as well as life and disability benefits.

Position Overview

The Cyber Security Analyst will contribute to the Cyber mission by conducting vulnerability scans, reviewing security alerts and incidents, and assessing technical compliance in accordance with DoD and Federal requirements. This position will utilize Cyber security tools, including ACAS, eMASS, HBSS, and Microsoft 365 Defender, to support vulnerability management, POA&M management, threat detection, and other Cyber tasks as required. Additionally, this position will collaborate with other Cyber analysts to develop programmatic actions and minimize security risks.

Major Activities

Conduct vulnerability scans of IT assets as requested from tickets or as directed by Cybersecurity Manager.

Apply knowledge of monitoring, analyzing, detecting, and responding to Cyber events and incidents within information systems and networks.

Advise on an integrated, dynamic Cyber defense and leverage Cybersecurity solutions to deliver Cybersecurity operational services, including intrusion detection and prevention, situational awareness of network intrusions, security events, and data spillage, and incident response actions.

Assess IT assets for cybersecurity compliance in accordance with DISA STIGs requirements.

Develop POA&Ms to track any Overdue vulnerabilities or STIG deviations

Review and investigate security alerts and incidents from Microsoft 365 Defender

Utilize eMASS to maintain and update POA&M status

Review device compliance status from HBSS

Work with other NEC Operations team members to remediate and mitigate security vulnerabilities.

Review the latest Cybersecurity intelligence information and provide recommendations to improve the Cybersecurity posture.

Perform other duties as appropriate and as assigned.

Knowledge/Skills/Abilities

Experience analyzing log files, firewall logs, and IDS Logs to identify possible threats to network security, and to perform command and control functions in response to incidents. If not 8570 certified at contract start must be within six months.

Experience in Host Based Security Systems (HBSS), ACAS vulnerability scanning software, knowledge of and experience with Security Information and Events Manager (SIEM) analysis and administration, as well as Information Assurance Vulnerability Alert (IAVA) management.

Excellent verbal, written and interpersonal communication skills, excellent organizational and multi-tasking skills.

Great analytical, critical thinking and problem-solving abilities.

Superior presentation and negotiation skills.

Strong management and organizational skills.

Adaptable and capable of working in fast-paced environments.

Proficient in Microsoft Word, Excel, PowerPoint, and SharePoint

Required Qualifications

Bachelor's degree in IT, Cyber Security or related field or seven years of IT work experience

Demonstrated work experience as Cyber Security Analyst in DoD or Federal government environments

Two or more years' experience performing vulnerability scans using Tenable SecurityCenter (Tenable.sc) or ACAS

Must possess appropriate DISA ESS certifications and experience.

Must be DoD 8570 certified at IAT Level 3 or higher (e.g., CASP+, CCNP Security, CISA, CISSP, GCED, GCIH, or CCSP)

Must be US citizen

Must possess active secret security clearance or higher

Must be able to pass pre-employment background check

Preferred Qualifications

Bachelor's degree in IT, IM, or Cyber Security

ACAS certification obtained within the last three (3) years, preferred

HBSS Administrator certification obtained within the last three (3) years, preferred

E-Verify:

OSC EdgeTech participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. 

Reasonable Accommodation:

OSC EdgeTech, LLC will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with OSC EdgeTech, LLC or any of its subsidiaries, please email [email protected].