Sr. Cybersecurity Analyst

• Monitor security alerts using SIEM tools (e.g. Splunk Elastic Security Microsoft Sentinel) and EDR platforms (e.g. CrowdStrike Microsoft Defender) to identify potential threats.
• Support incident response efforts including initial triage log collection containment activities and evidence preservation under senior analyst guidance.
• Analyze security logs and events to identify indicators of compromise (IOCs) and correlate threat activity across multiple data sources.
• Document security incidents thoroughly maintaining accurate records for reporting compliance and lessons learned.
• Execute security playbooks and runbooks for common incident scenarios escalating complex issues to senior analysts.
• Participate in post-incident reviews and contribute to continuous improvement of security operations.

• Conduct initial malware analysis and threat research to understand attack methods and tactics.
• Support threat hunting activities using frameworks like MITRE ATT&CK to proactively identify threats.
• Research and analyze emerging threats relevant to critical infrastructure and energy sector operations.
• Maintain and update threat intelligence feeds integrating IOCs into security tools for improved detection.
• Develop and tune SIEM detection rules to improve alert quality and reduce false positives.

• Manage and maintain security tools including SIEM EDR firewalls IDS/IPS and vulnerability scanners.
• Monitor cloud security configurations for AWS Azure or Google Cloud platforms identifying misconfigurations and security gaps.
• Perform regular security tool health checks ensuring proper logging alerting and functionality.
• Write and maintain scripts (Python PowerShell Bash) to automate security tasks log analysis and reporting.
• Support deployment and configuration of new security technologies and capabilities.

• Support compliance activities for NERC CIP NIST 800-53 ISO 27001 and SOC 2 frameworks.
• Conduct security assessments and vulnerability scans documenting findings and tracking remediation.
• Assist with audit preparation gathering evidence and documentation as required.
• Monitor security posture metrics and contribute to compliance reporting.
• Perform third-party vendor security assessments reviewing questionnaires and security documentation.

• Support security awareness programs by creating content coordinating training sessions and tracking participation.
• Manage phishing simulation campaigns analyzing results and reporting metrics to senior analysts.
• Respond to employee security questions and provide guidance on security best practices.
• Assist with security awareness initiatives including National Cybersecurity Awareness Month activities.

• Collect and analyze security metrics including alert volumes incident response times and detection rates.
• Create dashboards and visualizations to communicate security operations status to stakeholders.
• Prepare regular security reports summarizing threats incidents and security posture improvements.
• Maintain accurate documentation in security operations and compliance databases.

• Collaborate with IT network and OT teams to address security issues and implement security controls.
• Communicate security findings and recommendations clearly to technical and non-technical audiences.
• Participate in security team meetings contributing ideas and sharing knowledge.
• Support crisis communication during security incidents documenting and disseminating information as directed.

• Stay current on cybersecurity threats tools and best practices through training conferences and community engagement.
• Pursue relevant cybersecurity certifications to advance technical expertise.
• Shadow senior analysts to learn advanced incident response forensics and threat hunting techniques.
• Participate in tabletop exercises purple team activities and security simulations to develop skills.

• Bachelors degree in Cybersecurity Computer Science Information Technology or related field (or equivalent work experience).
• 3-5 years of experience in cybersecurity security operations incident response or related technical roles.
• Strong understanding of cybersecurity fundamentals including threats vulnerabilities and security controls.
• Experience with SIEM tools (e.g. Splunk Elastic Security Microsoft Sentinel) for log analysis and correlation.
• Familiarity with EDR platforms (e.g. CrowdStrike Microsoft Defender) and endpoint security concepts.
• Working knowledge of network security technologies including firewalls IDS/IPS and VPNs.
• Understanding of regulatory frameworks such as NERC CIP NIST or ISO 27001
• Proficiency in scripting languages (Python PowerShell or Bash) for basic automation tasks.
• Experience with cloud platforms (AWS Azure or GCP) and basic cloud security concepts.
• Strong analytical and problem-solving skills for investigating security incidents.
• Good written and verbal communication skills for documentation and stakeholder interaction.
• Ability to work independently and collaboratively in a team environment.
• High integrity and trustworthiness for handling sensitive security information.
• Adaptability and eagerness to learn new technologies and security techniques.
• Commitment to continuous professional development.
• Travel:15-20%
• US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa.
• Successful candidate will need to satisfactorily complete pre-employment drug screen and background check

• Professional cybersecurity certifications such as Security CySA CEH GCIA or similar.
• Experience in the energy sector or critical infrastructure environments.
• Familiarity with threat hunting frameworks like MITRE ATT&CK.
• Basic understanding of forensic analysis tools and techniques.
• Experience with vulnerability management tools and processes.
• Knowledge of operational technology (OT) and industrial control systems (ICS) security.
• Familiarity with security orchestration and automation (SOAR) platforms.
• Understanding of DevSecOps concepts and CI/CD security integration
• Experience with threat intelligence platforms and feeds.
• Knowledge of container security (Docker Kubernetes) fundamentals
• Understanding of modern authentication protocols (OAuth SAML OIDC).
• Experience supporting security awareness programs or training initiatives.
• Strong cultural awareness for supporting global operations.
• Ability to balance security requirements with operational needs.

Required Experience:

Senior IC