Sr. Cybersecurity Analyst

Proenergy
Houston, MO

About The Position

The Senior Cybersecurity Analyst supports cybersecurity operations by monitoring security events, responding to incidents, conducting threat analysis, and assisting with compliance activities to protect PROENERGY's critical energy infrastructure and global business operations. This role requires strong technical skills in security monitoring, incident response, and security tool management, with emphasis on continuous learning and professional growth. The Cybersecurity Analyst works under the guidance of senior analysts while independently handling security operations tasks and contributing to the protection of PROENERGY's global network.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent work experience).
  • 3-5 years of experience in cybersecurity, security operations, incident response, or related technical roles.
  • Strong understanding of cybersecurity fundamentals including threats, vulnerabilities, and security controls.
  • Experience with SIEM tools (e.g., Splunk, Elastic Security, Microsoft Sentinel) for log analysis and correlation.
  • Familiarity with EDR platforms (e.g., CrowdStrike, Microsoft Defender) and endpoint security concepts.
  • Working knowledge of network security technologies including firewalls, IDS/IPS, and VPNs.
  • Understanding of regulatory frameworks such as NERC CIP, NIST, or ISO 27001.
  • Proficiency in scripting languages (Python, PowerShell, or Bash) for basic automation tasks.
  • Experience with cloud platforms (AWS, Azure, or GCP) and basic cloud security concepts.
  • Strong analytical and problem-solving skills for investigating security incidents.
  • Good written and verbal communication skills for documentation and stakeholder interaction.
  • Ability to work independently and collaboratively in a team environment.
  • High integrity and trustworthiness for handling sensitive security information.
  • Adaptability and eagerness to learn new technologies and security techniques.
  • Commitment to continuous professional development.
  • US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa.
  • The successful candidate will need to satisfactorily complete a pre-employment drug screen and background check.

Nice To Haves

  • Professional cybersecurity certifications such as Security+, CySA+, CEH, GCIA, or similar.
  • Experience in the energy sector or critical infrastructure environments.
  • Familiarity with threat hunting frameworks like MITRE ATT&CK.
  • Basic understanding of forensic analysis tools and techniques.
  • Experience with vulnerability management tools and processes.
  • Knowledge of operational technology (OT) and industrial control systems (ICS) security.
  • Familiarity with security orchestration and automation (SOAR) platforms.
  • Understanding of DevSecOps concepts and CI/CD security integration.
  • Experience with threat intelligence platforms and feeds.
  • Knowledge of container security (Docker, Kubernetes) fundamentals.
  • Understanding of modern authentication protocols (OAuth, SAML, OIDC).
  • Experience supporting security awareness programs or training initiatives.
  • Strong cultural awareness for supporting global operations.
  • Ability to balance security requirements with operational needs.

Responsibilities

  • Security Monitoring and Incident Response: Monitor security alerts using SIEM tools (e.g., Splunk, Elastic Security, Microsoft Sentinel) and EDR platforms (e.g., CrowdStrike, Microsoft Defender) to identify potential threats. Support incident response efforts including initial triage, log collection, containment activities, and evidence preservation under senior analyst guidance. Analyze security logs and events to identify indicators of compromise (IOCs) and correlate threat activity across multiple data sources. Document security incidents thoroughly, maintaining accurate records for reporting, compliance, and lessons learned. Execute security playbooks and runbooks for common incident scenarios, escalating complex issues to senior analysts. Participate in post-incident reviews and contribute to continuous improvement of security operations.
  • Threat Analysis and Detection: Conduct initial malware analysis and threat research to understand attack methods and tactics. Support threat hunting activities using frameworks like MITRE ATT&CK to proactively identify threats. Research and analyze emerging threats relevant to critical infrastructure and energy sector operations. Maintain and update threat intelligence feeds, integrating IOCs into security tools for improved detection. Develop and tune SIEM detection rules to improve alert quality and reduce false positives.
  • Security Tools Management: Manage and maintain security tools including SIEM, EDR, firewalls, IDS/IPS, and vulnerability scanners. Monitor cloud security configurations for AWS, Azure, or Google Cloud platforms, identifying misconfigurations and security gaps. Perform regular security tool health checks, ensuring proper logging, alerting, and functionality. Write and maintain scripts (Python, PowerShell, Bash) to automate security tasks, log analysis, and reporting. Support deployment and configuration of new security technologies and capabilities.
  • Compliance and Risk Management: Support compliance activities for NERC CIP, NIST 800-53, ISO 27001, and SOC 2 frameworks. Conduct security assessments and vulnerability scans, documenting findings and tracking remediation. Assist with audit preparation, gathering evidence and documentation as required. Monitor security posture metrics and contribute to compliance reporting. Perform third-party vendor security assessments, reviewing questionnaires and security documentation.
  • Security Awareness Support: Support security awareness programs by creating content, coordinating training sessions, and tracking participation. Manage phishing simulation campaigns, analyzing results and reporting metrics to senior analysts. Respond to employee security questions and provide guidance on security best practices. Assist with security awareness initiatives including National Cybersecurity Awareness Month activities.
  • Metrics and Reporting: Collect and analyze security metrics including alert volumes, incident response times, and detection rates. Create dashboards and visualizations to communicate security operations status to stakeholders. Prepare regular security reports summarizing threats, incidents, and security posture improvements. Maintain accurate documentation in security operations and compliance databases.
  • Collaboration and Communication: Collaborate with IT, network, and OT teams to address security issues and implement security controls. Communicate security findings and recommendations clearly to technical and non-technical audiences. Participate in security team meetings, contributing ideas and sharing knowledge. Support crisis communication during security incidents, documenting and disseminating information as directed.
  • Continuous Learning and Professional Development: Stay current on cybersecurity threats, tools, and best practices through training, conferences, and community engagement. Pursue relevant cybersecurity certifications to advance technical expertise. Shadow senior analysts to learn advanced incident response, forensics, and threat hunting techniques. Participate in tabletop exercises, purple team activities, and security simulations to develop skills.

Benefits

  • We offer competitive pay, excellent benefits that include Medical, Dental, Vision, and Life/Disability Insurance at minimal cost to the employee, 10 paid holidays, paid time off, and a 401K plan.