Salt River Project • posted 6 months ago
Full-time • Entry Level
Phoenix, AZ
501-1,000 employees
Utilities

About the position

The Cyber Security Analyst will be a key member of SRP's Security Operations Center (SOC), responsible for detecting, responding to, and remediating cyber security events across the enterprise. This role involves analyzing security incidents, participating in incident response activities, and supporting the tools utilized by the SOC team. The ideal candidate will possess strong analytical, communication, and problem-solving skills, and is expected to have a foundational understanding of cyber security principles and practices.

Responsibilities

  • Identify, triage, and respond to cyber security events in SRP's corporate and operational environments
  • Analyze data from multiple sources and tools to discover anomalous and adversarial behavior
  • Maintain awareness of current threat landscape utilizing threat intelligence from government and industry partners
  • Develop alerts, reports, and dashboards within the SIEM to facilitate detection and triage
  • Create playbooks and procedures to support detection and response scenarios
  • Advise and support implementation of security controls and new defensive capabilities
  • Analyze malware and suspicious files using static/dynamic techniques including sandboxing
  • Develop thorough understanding of relationship between IT/OT environments and potential attack vectors in OT environments
  • Leverage knowledge of SRP's environment to conduct proactive threat hunts
  • Participate in department on-call rotation to respond to after-hours events

Requirements

  • 1+ years of experience in an Operational Technology focused role, Security Operations Center or cyber security incident response role, or 3 to 5 years of Information Technology and/or InfoSec experience
  • Moderate to strong understanding of SIEM technologies (Splunk experience a plus)
  • Knowledge of Windows and Linux architectures, administration, and hardening
  • Thorough understanding of the TCP/IP network stack, including common protocols and network topologies
  • Experience with network traffic analysis and packet capture tools (Wireshark, Bro/Zeek, etc)
  • Familiarity with IDS/IPS technologies
  • Experience with Enterprise antimalware/Endpoint Detection & Response (EDR) platforms
  • Knowledge of Microsoft Azure/M365 architectures and security features
  • Familiarity with incident response and forensic analysis tools and procedures
  • Understanding of vulnerability management and mitigation concepts
  • Programming or scripting experience (PowerShell, Python, etc)

Nice-to-haves

  • Industry security certifications such as CISSP, SANS/GIAC (GSEC, GICSP, GRID, GCIP, GMON, GCIA, GCFA, etc), Security+, CCNA/CCNP Security

Benefits

  • Pension Plan (at no cost to the employee)
  • 401(k) plan with employer matching
  • Medical, vision, dental, and life insurance available from the first day
  • 200+ hours of PTO (includes vacation days, holidays, floating holidays, and sick leave)
  • Parental leave (up to 4 weeks) and adoption assistance
  • Wellness programs (including access to a recreation and fitness facility)
  • Short and long-term disability plans
  • Tuition assistance for both undergraduate and graduate programs
  • 10 Employee Resource Groups for career development, community service, and networking