NOC Analyst

RMC is seeking a qualified Network Operations Center (NOC) Analyst to support IT and cybersecurity operations at NSWC Crane. The selected candidate will provide continuous monitoring, threat detection, incident response, network operations monitoring, and Risk Management Framework (RMF) compliance support within a DoD Research, Development, Test & Evaluation (RDT&E) environment.

This role requires strong analytical skills, technical proficiency in security monitoring platforms, and the ability to operate effectively in a mission-driven government environment.

Security Operations & Threat Monitoring

• Conduct detailed log analysis including:
• Trellix (ESS)
• Microsoft Defender for Endpoints (MDE)
• Firewall Logs
• Data Loss Prevention (DLP)
• Intrusion Detection Systems (IDS)
• System and application logs
• AAA logs
• Web proxy logs

• Utilize tools such as Splunk, Microsoft Defender for Endpoint (MDE), and SolarWinds Orion.
• Triage security alerts, investigate incidents, and coordinate containment, eradication, and recovery efforts.
• Create and maintain SIEM dashboards, alerts, correlation rules, and reporting metrics.
• Document incidents, provide accurate metrics, and prepare post-incident reports.
• Participate in post-incident reviews and implement process improvements.

Network Operations Center (NOC) Monitoring

• Provide NOC-level infrastructure monitoring using SolarWinds Orion.
• Monitor network devices, servers (Windows/Linux), virtual infrastructure, storage systems, and critical services.
• Analyze performance baselines, bandwidth utilization, interface errors, and system health metrics.
• Correlate infrastructure alerts with security events to distinguish operational issues from potential cyber threats.
• Escalate outages, performance degradation, and system anomalies to appropriate teams.
• Maintain alert thresholds, monitoring configurations, and performance reports.

Vulnerability Management

• Conduct vulnerability assessments with Tenable.SC and analyze scan results.
• Track remediation efforts and coordinate with system owners.
• Validate mitigation steps and confirm closure of findings.
• Support risk-based prioritization of vulnerabilities.

Assessment & Authorization (A&A) / RMF Support

• Support Risk Management Framework (RMF) lifecycle activities.
• Assist with control validation, artifact collection, and documentation.
• Maintain and update POA&M records.
• Support continuous monitoring (ConMon) requirements.
• Assist with maintaining RMF packages in eMASS or equivalent systems.
• Support audits and demonstrate security control compliance with DoD cybersecurity requirements.
• Review and mitigate identified risks in coordination with the ISSO and Authorizing Official (AO).

Operational & Administrative Duties

• Respond promptly to service requests and maintain accurate ticket documentation.
• Document resolution steps, time spent, follow-up actions, and related change requests.
• Collaborate with cybersecurity, networking, and systems teams to ensure effective incident tracking and resolution.
• Work independently and as part of a cross-functional team in a dynamic RDT&E environment.

Required Qualifications

• Preferred Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• 1–3+ years of experience in SOC, cybersecurity operations, or network monitoring.
• Experience with SIEM tools (e.g., Splunk).
• Experience with enterprise monitoring platforms such as SolarWinds Orion.
• Understanding of incident response processes and threat detection methodologies.
• Familiarity with vulnerability management tools and remediation workflows.
• Knowledge of RMF and DoD cybersecurity compliance requirements.
• Active DoD clearance (or ability to obtain).
• DoD 8570/8140 certification (e.g., Security+) required.

Desired Qualifications

• Experience supporting DoD or RDT&E environments.
• Experience with eMASS.
• Knowledge of NIST SP 800-53 security controls.
• Strong written and verbal communication skills.
• Ability to brief technical findings to leadership.

Requirements:
EDUCATION REQUIREMENT:

• Two (2) years of relevant work experience and certifications/training are required.

CERTIFIACTION REQUIREMENT:

• The selected applicants must have DoD 8570/5239 IAT Level II Certification (Security+)
• Splunk Core Certified User preferred
• CompTIA CYSA+ preferred
• An active Secret security clearance is required.

Benefits:
At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.

RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.

Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The current annual salary range for this position will be $50,000 to $75,000.