**General Summary:
** Performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings. Position requires on-site support.

*Principal Duties and Responsibilities (Essential Functions):

• Submits and tracks all service tickets submitted internally and externally for Operational Technology (OT) systems.
• Monitors/logs SOC Request/CNOC actions and response.
• Assists in OT investigations of significant incidents and reporting.
• Submits and tracks all service tickets submitted on behalf of customer internally and to external organizations.
• Provides timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs.
• Escalates OT cyber incidents that require further in-depth analysis.
• Categorizes and prioritizes OT cyber events and other SOC service requests.
• Documents and tracks incidents in accordance with the reporting procedure and archive historical OT SOC data.
• Provides situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures.
• Provides monitoring and analysis of OT SIEM events to identify potential security risks and vulnerabilities.
• Triages events and investigates to identify OT security incidents.
• Logs security incidents in the IT/OT ticketing system.
• Manages OT security incidents throughout their lifecycle to closure.
• Coordinates with other technical teams to investigate, document, and resolve issues.
• Makes recommendations for ongoing tuning and updates to the SIEM system.
• Receives input from threat intelligence sources and analyzes events to identify threats and risks.
• Supports ad-hoc data and investigation requests.
• Conducts security and vulnerability scans as directed using established processes.

_At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefitshere. _

Required Skills

Required Experience

• Associate’s Degree or Bachelor’s Degree in related field, or equivalent experience; minimum of 3 related certifications may be used in place of unrelated academic field
• Minimum of 7-10 years of work related experience
• Current DoD 8140 IAT Level II certification
• One of the following current certifications:
  • Tenable.SC Specialist
  • Tenable.OT Specialist
  • Dragos Platform Certified User (DPCU)
  • Dragos ICS-OT Cybersecurity Training
• Ability to obtain/maintain a secret security clearance; US citizenship required
• ICS/OT Penetration Testing experience
• Ability to clearly present and communicate technical approaches and findings

Preferred Qualifications

• Advanced degree preferred
• Strong knowledge base preferred in the areas of:
  • Real-time security situational awareness
  • Operational network systems
  • Security monitoring
• Active secret clearance
• Experience with DoD

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.