Black & Veatch - Houston, TX
posted about 2 months ago
Part-time,Full-time - Mid Level
Houston, TX
Professional, Scientific, and Technical Services
About the position
The Security Operations and Threat Response Sr. Analyst will support the Cyber Defense and Operations (CDO) programs, focusing on Vulnerability Management, Incident Response, Threat Hunting, and cybersecurity assessment activities. This role is crucial for monitoring, analyzing, and maintaining the security and integrity of networks and applications, ensuring compliance with security standards and best practices.
Responsibilities
- Responsible for the effective detection and reporting of vulnerability detection across all platforms including on-prem and cloud environments.
- Document and maintain standards and procedures related to Vulnerability Management (VM).
- Strategically prioritize vulnerabilities while coordinating closely with the execution teams responsible for remediation.
- Oversight and governance over the coverage and quality of the solutions used to measure vulnerabilities, risk, and compliance with vulnerability management requirements.
- Generate technical and executive metrics for visibility and continuous improvement for the Vulnerability Management (VM) Program.
- Lead and support day-to-day operation and response to security alerts, alert triage, and escalation from SIEM, EDR, email & web security, CSPM, and network security devices.
- Document and maintain IR procedures related to Security Operations Center (SOC) and Incident Response & Operations.
- Generate technical and executive metrics for visibility and continuous improvement for the Security Operations Center (SOC) and Incident Response & Operations Programs.
- Coordinate and lead threat hunting and assessment exercises for proactive detection and remediation.
- Improve security posture by continuously identifying threats and exposures to stay ahead of threat actors; determine the root causes of security incidents and recommend the plan of action to improve the security posture.
- Monitor trending TTP's and IOC's to prepare and respond to incidents.
- Maintain up-to-date knowledge of emerging threats and vulnerabilities.
Requirements
- Bachelor's degree in information security or information technology or equivalent work experience.
- Minimum 7 years of Information Security experience with a focus on Vulnerability Management, Incident Response, and Threat Management.
- 5 years of experience in vulnerability management in mid-size or large organizations.
- One or more certifications such as CISSP, GCIA, GCIH, CEH.
- Strong understanding of current threats and trends present in the cybersecurity and OT field.
- Knowledge of security and privacy frameworks such as Cyber Kill Chain, MITRE, NIST, ITIL, SANS, NERC CIP, CIS, CMMC, OWASP, etc.
- Excellent verbal communication and interpersonal skills to document and communicate findings, escalate critical findings to stakeholders.
- Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit.
- Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment.
- Ability to adjust quickly to shifting priorities, and decision-making skills with limited information.
- Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a 'can-do' attitude.
Benefits
- Competitive compensation
- 401K match
- Benefits starting day 1
- Flexible work schedules
- Paid vacation and holiday time
- Sick time and dependent sick time
- Adoption reimbursement
- Tuition reimbursement
- Vendor discounts
- Employment referral program
- AD&D insurance
- Pre-taxed accounts
- Voluntary legal plan
- B&V Credit Union
- Performance-based bonus program
