Senior IT Security Analyst

Location

Maple Grove, MN | United States

Job description

Senior IT Security Analyst

Application due date: March 18, 2024

Location: Maple Grove, MN (hybrid schedule eligible for 80% remote)

Are you a dedicated cyber defender with the skills necessary to protect critical infrastructure? The North American power grid is the largest machine in human history and a constant target for those that would bring harm to our society. Using our best-in-class tools you will serve this mission by analyzing adversary capabilities to proactively locate and block those faint signals of compromise.

Summary:

This senior role is a new position and great opportunity for a seasoned security professional to help define Great River Energy’s security analysis procedures, threat hunting, detection, and response. It involves conducting advanced analysis to determine appropriate actions and continually enhancing focus on advanced protection measures. Key responsibilities include analyzing open-source closed-source intelligence to develop risk-based alerting for security protection and detection platforms including Splunk ES, CrowdStrike Falcon, and Tenable.SC. Lead response activities to prioritize alerts, alarms, and other possible incidents for most effective and appropriate response activities.

Total Rewards:

We offer market competitive base pay and adjust our offer accordingly based upon the value of the candidate’s knowledge, skills and experience. GRE also recognizes the importance of continuous learning and training for security professionals with liberal investments in employee’s personal and professional development. Our Total Rewards strategy focuses on recognizing individual performance and rewarding business results. Our robust Total Rewards package includes exceptional benefits and retirement, a focus on continuous engagement, recognition, campus wellness center and an emphasis on work-life effectiveness. GRE is a beyond the yellow ribbon employer with an active Veteran’s Employee Resource Group, along with several other ERGs.

Responsibilities: Job responsibilities include, but are not limited to

· Identifies and develops risks-based detection of potential threats for our security program leveraging GREs suite of security tools and the MITRE ATT&CK framework.

· Leads threat intel, research, and collaborate with internal and external partners through threat-intel sharing forums to share, receive, and acts on actionable threat intelligence leveraging internal tools and processes.

· Conducts proactive threat hunting to identify previously undetected indicators of compromise that were undetected by other security measures.

· Assess the organization’s current operational security posture and conduct technical security assessments to identify vulnerabilities, weaknesses, and potential risks and recommend appropriate actions. (Red team exercises)

· Stays current with and mentors others on the team on new and evolving attacker tactics and techniques to identify malicious or unexpected activity.

· Acts as the technical lead and directs the team in thorough incident response investigations partnering with multiple departments across the enterprise.

· Conducts comprehensive digital forensics and response investigations, synthesizing analyses from various subject matter experts to ensure thorough examination and effective resolution of all issues.

· Creates visuals, presentations, and detailed reports that can be used to explain incidents, vulnerabilities, breach events, and response to both technical and non-technical audiences.

· Develops security incident response, vulnerability management, and proactive threat analysis practices with standardized playbooks continuously improved for new and evolving attacker tactics and techniques .

· Requires experience in scripting and programming languages such as PowerShell, Bash, Python and/or Ruby.

· Experience with NERC CIP cybersecurity standards, utility operations, industrial control systems, IOT environments, identity management, disaster recovery, and NIST cybersecurity practices.

· Any training from SANS Institute or security certifications are preferred to show continuous development.

· Experience with SIEM platforms, end point detections and response tools, vulnerability scanning, and intrusion detection systems.

Qualifications:

Knowledge typically acquired through a Bachelor’s degree in a technology or security related field and 5+ years of progressive experience working in a security operations center (SOC) or cybersecurity roles or - 2+ years post high school education in a technology or security related field and 7+ years of progressive experience working in a security operations center (SOC) or cybersecurity roles.

Apply: Qualified candidates please apply at (under the Careers tab) by March 18, 2024. GRE values diversity, equity and inclusion and we are an equal employment opportunity employer.

Position Senior IT Security AnalystLocation US:MN:Maple Grove | Information Technology | Full-TimeReq ID null

Job tags

Salary