CSIRT Senior Analyst, Cyber Operations

Company: NATIONAL GRID CO USA (NE POWER)
Location: Northborough
Posted on: August 6, 2022

Job Description:

As part of National Grid s continued commitment to safety, all new hires must be fully vaccinated against COVID-19. Anyone unable to be vaccinated, either because of a sincerely held religious belief or medical reason can request a reasonable accommodation. Location: Northboro MA. Candidates may also reside in either, Connecticut, Massachusetts, New Hampshire, New York, Pennsylvania, Rhode Island, Vermont or contiguous states. Hybrid and flexible working is ingrained into Our Culture, this permanent role offers a mix of office and home working with occasional travel to the office. About us Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry. To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business About the role The US CSIRT Senior Analyst will work in a 24/7/365 environment performing monitoring and response activities in the National Grid Global Cyber Security Operations Center for security detection and mitigation activities. Duties include monitoring networks, hosts and endpoints for malicious activity using Security Incident and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) tools, Antivirus and Malware detection tools and email security appliances. Responsibilities cover investigation and incident response, the development of new security monitoring use cases, and ensuring all investigative activity is properly documented in our ticketing systems and followed up with relevant support teams. This role will also take joint responsibility for developing, improving, and maintaining CSIRT documentation and processes. The US CSIRT Senior Analyst position is a fixed shift position during core business hours (9 - 5) with an occasional on-call requirement Key Accountabilities include:

• Responsible for working in a 24x7 Security Operation Center (SOC) environment
• Mentoring and development of less experienced analysts
• Provide analysis and trending of security log data from various security devices
• Provide Incident Response support when initial analysis confirms actionable incident
• Investigate, document, and report on information security issues and emerging trends
• Coordinate with other security teams on incidents, impacting National Grid as well as industry impacting issues
• Integrate and share information with other analysts and other teams About you Knowledge & Experience Preferred:
  • Relevant work experience in Cyber Security Operations, specifically monitoring, detection and incident response duties. Minimum 3 years experience required.
  • Experience with monitoring and operating SIEM, EDR and IDS/IPS solutions alongside other critical monitoring toolsets.
  • Demonstrated ability to coordinate and respond to security incidents using commercial and/or open source technologies.
  • Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).
  • Comprehension of how attacks exploit operating systems and protocols. Qualifications Required:
    • Technical qualifications should include but are not limited to:
    • Relevant experience in a Security Operations environment is required.
    • Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols Hands-on experience with security technologies, including:
      • Intrusion Detection & Prevention (IDP) - Sourcefire or Palo Alto desirable.
      • Security Information & Event Management (SIEM) - Splunk desirable.
      • Endpoint Detection & Response (EDR) - Tanium and FireEye HX desirable.
      • Network Analysis tools - Wireshark, tcpdump
      • Experience with scripting in Python, Bash, Powershell desired. Experience with the following SecOps processes highly desirable:
        • Email Investigations - Including Header Analysis, Office Doc Investigations and Macro Extraction
        • Basic Malware Analysis - Dynamic analysis
        • Event Log analysis
          • Strong understanding of Windows and Linux Operating Systems
          • Strong understanding of TCP/IP and underlying network protocols
            What you get As well as your base salary, you will receive a bonus based on personal and company performance and 401K retirement savings plan, comprehensive health plans, 3 weeks paid vacation plus 10 fixed holidays and 2 personal days and an option to buy extra holidays. You will also have access to a number of flexible benefits that support your work life balance! More Information We encourage candidates to submit their applications as early as possible. National Grid s recruitment periods can and may vary. We reserve the right to remove this advert or close it to further applications at any point during the recruitment process.
            Grade: Band E2
            Global IT /Permanent
            For further information please contact SalaryUNY: $88,000 - $125,000 a year
            NE: $99,000 - $139,000 a year
            DNY: $105,000 - $149,000 a year
            Salary is commensurate with experience and location. Please be advised that due to the nature of this position, incumbents are subject to federal Drug & Alcohol safety regulations governing US Department of Transportation ("DOT") covered positions, including the Federal Motor Carrier Safety Administration (FMCSA) and Pipeline Hazardous Material Safety Administration (PHMSA). As such, the Company s testing programs and policies regarding the use of federally prohibited drugs or alcohol, for recreational or medical purposes, will remain in effect for these safety-sensitive, DOT covered positions.This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.

Keywords: NATIONAL GRID CO USA (NE POWER), Worcester , CSIRT Senior Analyst, Cyber Operations, Professions , Northborough, Massachusetts