Senior US CSIRT Analyst - other related Employment listings - Spencer, MA at Geebo

Senior US CSIRT Analyst

About us

National Grid is seeking an innovative and experienced senior US CSIRT Analyst to join our World Class Cybersecurity team in Northboro, MA.
Every day we deliver safe and secure energy to homes, communities, and businesses.
We are there when people need us the most.
We connect people to the energy they need for the lives they live.
The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow.
This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.

We Offer the following Benefits

Financial

  • High 401(k) company match
  • Help with Student Loan payback
  • Tuition Assistance and Rewards
  • Comprehensive Discount program including electric vehicles
  • Pet Insurance
  • Adoption Assistance

Professional development

  • A highly skilled team to work and learn from
  • Multiple Avenues for On-Demand Training
  • Commitment to promoting from within
  • Several Employee Resource Groups including Women in Non-Traditional Roles

Work Life Balance

  • Excellent Healthcare and Dental Insurance
  • HSA plan with company seed
  • Generous Paid Time Off and Parental Leave
  • Caregiver program
  • Employee Assistance Program

Job Purpose

The US CSIRT Senior Analyst will work in a 24/7/365 environment performing monitoring and response activities in the National Grid Global Cyber Security Operations Center for security detection and mitigation activities.
Duties include monitoring networks, hosts and endpoints for malicious activity using Security Incident and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) tools, Antivirus and Malware detection tools and email security appliances.
Responsibilities cover investigation and incident response, the development of new security monitoring use cases, and ensuring all investigative activity is properly documented in our ticketing systems and followed up with relevant support teams.
This role will also take joint responsibility for developing, improving, and maintaining CSIRT documentation and processes.
The US CSIRT Senior Analyst position is a fixed shift position during core business hours with an occasional on-call requirement.
To act as the global technical security engineering and design authority accountable for aligned portfolios within cyber security operations.
To help detect and defend against cyber criminals and advanced threat groups by discovering and analyzing cyber threat information to produce actionable intelligence that enhances situational awareness of threats.

Key Accountabilities

Responsible for working in a 24x7 Security Operation Center (SOC) environment.
Mentoring and development of less experienced analysts.
Provide analysis and trending of security log data from various security devices.
Provide Incident Response support when initial analysis confirms an actionable incident.
Investigate, document, and report on information security issues and emerging trends.
Coordinate with other security teams on incidents impacting National Grid as well as industry-impacting issues.
Integrate and share information with other analysts and other teams.

Key Interfaces

  • Security Operations Centre Analysts
  • Global Security Operations Manager
  • Incident Management Team (UK & US)
  • Threat Intelligence Team
  • Pen Testing Team
  • Security Engineering Function
  • IS partners and Service providers (Service Delivery & Major Incident Management)
  • OT Technical support

Knowledge & Experience Preferred

Relevant work experience in Cyber Security Operations, specifically monitoring, detection and incident response duties.
Minimum 3 years experience required.
Experience with monitoring and operating SIEM, EDR and IDS/IPS solutions alongside other critical monitoring toolsets.
Demonstrated ability to coordinate and respond to security incidents using commercial and/or open source technologies.
Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).
Comprehension of how attacks exploit operating systems and protocols.

Qualifications

Technical qualifications should include but are not limited to:
Relevant experience in a Security Operations environment is required.
Solid understanding of networking protocols and infrastructure designs, including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
Hands-on experience with security technologies, including:

  • Intrusion Detection & Prevention (IDP) - Sourcefire or Palo Alto desirable.
  • Security Information & Event Management (SIEM) - Splunk desirable.
  • Endpoint Detection & Response (EDR) - Tanium and FireEye HX desirable.
  • Network Analysis tools - Wireshark, tcpdump

Experience with scripting in Python, Bash, PowerShell desired.
Experience with the following SecOps processes highly desirable:

  • Email Investigations - Including Header Analysis, Office Doc Investigations and Macro Extraction
  • Basic Malware Analysis - Dynamic analysis
  • Event Log analysis

Strong understanding of Windows and Linux Operating Systems
Strong understanding of TCP/IP and underlying network protocols

Core Business Skills

Excellent stakeholder management and influencing skills covering colleagues, partners / vendors and project sponsors.
Experience supporting the operationalization of security tools and infrastructure.
Experience of managing and responding to information security, or cyber security, incidents in a large enterprise environment.
Strong background of information security incident management and response.
Experience interacting as an information security incident responder with internal business functions.
Experience interacting as an information security incident responder with other external agencies such as DHS or National Computer Emergency Response Teams.
Utilities experience desirable.

More Information

This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills.
Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise.
We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve.
National Grid is proud to be an affirmative action employer.
We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.
Estimated Salary: $20 to $28 per hour based on qualifications.
