Troops to Energy Jobs

Job Information

National Grid Threat Analytics & Operations Senior Analyst in Northboro, Massachusetts

About us

National Grid is hiring a Senior Threat Hunt Analyst for our security operations team in Northboro, MA.

Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.

To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.

About the role

National Grid delivers gas and electricity to many millions of people across North Eastern US and Great Britain in an efficient, reliable, secure and safe manner. We protect our people, our premises, and digital systems with the objective of maintaining trust in National Grid services. Our mission is to create a world class Security team to defend critical national infrastructure in the US and the millions of customer communities that we serve.

Security Operations is a critical team responsible for the monitoring and response to Cyber threats to National Grid. Cyber Threat Hunting is at the forefront in the fight against advanced adversaries. The rate at which experienced threat actors evolve their methods of attack far outpaces the rate at which countermeasures are produced.

The Operational Threat Analytics team are responsible for conducting continual threat hunting across all National Grid environments. This activity is informed by intelligence regarding the latest TTPs (Tactics, Techniques and Procedures) utilized by threat actors who are known to target the energy and utilities sectors. Furthermore, a wealth of intelligence exists within infection chains which have been thwarted by existing detection controls; the Operational Threat Analytics team are able to recreate and analyse the full infection chain to ensure there is no impact to National Grid’s core operations. The Operational Threat Analytics team work in unison with the penetration testing team in order to test existing detection controls, in addition to highlighting and mitigating emerging attack vectors.

Key Accountabilities

  • Host and network based detection content creation

  • Hypothesis driven hunting reports containing configuration recommendations

  • Providing a tangible security posture related to known threat actor TTPs

  • Malware and infection chain analysis reports for internal use and community sharing

  • Creation and deployment of active countermeasures

About you

Knowledge and Capabilities

  • Experienced in an analytical role of either network forensics, security analyst, threat intelligence, or security consultant/engineer

  • Experience conducting offensive or defensive operations involving multiple operating systems, across traditional and cloud infrastructure

  • Practical application of threat hunting methods and processes

  • Able to prioritise threats to the organisation, and accordingly create, test and deploy host and network based detection content

  • Ability to work on high pressure and time sensitive tasks

  • Working knowledge of common frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model or similar

  • Technical experience in at least three of the following areas:

      • Detection engineering with experience in pattern-matching languages (OpenIOC, Yara, Snort/Suricata, or similar signature framework)

      • Windows disk and memory forensics

      • Network Security Monitoring (NSM), network traffic analysis, and log analysis

      • Unix or Linux disk and memory forensics

      • Basic static and dynamic malware analysis

  • Understanding of enterprise security controls in Active Directory / Linux environments

  • Strong writing and presentation skills; ability to convey findings and recommendations to a range of audiences


Required - Bachelor's degree in cyber security related subject, or comparable experience

Desired - Industry standard certifications (SANS, CREST, etc.)

More Information

This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.

National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.