Cybersecurity Analyst I

At an entry level, assists in the maintenance and operation of a variety of security measures and software that perform cybersecurity functions such as access control, monitoring or vulnerability assessment. Assists in providing support to the end-user community and ensuring they have up-to-date protection from malicious software and other cyber threats. Tests security measures to reduce and mitigate risk. Provides reports and other information related to information security issues as requested by management and other groups. Assists in evaluation and analysis of security applications and systems. This position develops competence by performing structured work assignments and receives instruction, guidance and direction from supervisor, manager and/or more experienced colleagues. Monitors security systems for possible intrusion. Assists with risk assessments. Interacts with end users concerning malware, spam, vulnerabilities and any other cybersecurity issues. Reviews and creates audit reports on user and system activities. Actively probes the network for new threats and risks. Documents, deploys, reviews and maintains cybersecurity policies, standards, guidelines and procedures. Monitors security alerts on internet and other intelligence feeds and assists in determining whether reported threats could impact information technology or operational technology systems. Implements and administers technical security systems including SIEM, VAT, network IDS, antivirus, web and email filters, and firewalls. Implements and ensures technical security compliance solutions for NERC, PCI, FBI CJIS, HIPAA and other regulatory requirements. Supports cybersecurity incident response activities. Documents and maintains objective evidence to demonstrate NERC CIP regulatory compliance. May assist in providing technical consulting to other groups within on security requirements. Performs work by traveling independently or with a small team to various locations (substations, power plants, water systems, etc.) as scheduled.