National Grid Threat Analytics & Operations Senior Analyst in Northboro, Massachusetts
National Grid is hiring a Senior Threat Hunt Analyst for our security operations team in Northboro, MA.
Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of
change in society and our industry is accelerating and our expertise and track record put us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and
always look for new opportunities to grow, both ourselves and our business.
About the role
National Grid delivers gas and electricity to many millions of people across North Eastern US and Great Britain in an efficient, reliable, secure and safe manner. We protect our people, our premises, and digital
systems with the objective of maintaining trust in National Grid services. Our mission is to create a world class Security team to defend critical national infrastructure in the US and the millions of customer communities that
Security Operations is a critical team responsible for the monitoring and response to Cyber threats to National Grid. Cyber Threat Hunting is at the forefront in the fight against advanced adversaries. The rate at which
experienced threat actors evolve their methods of attack far outpaces the rate at which countermeasures are produced.
The Operational Threat Analytics team are responsible for conducting continual threat hunting across all National Grid environments. This activity is informed by intelligence regarding the latest TTPs (Tactics,
Techniques and Procedures) utilized by threat actors who are known to target the energy and utilities sectors. Furthermore, a wealth of intelligence exists within infection chains which have been thwarted by existing
detection controls; the Operational Threat Analytics team are able to recreate and analyse the full infection chain to ensure there is no impact to National Grid’s core operations. The Operational Threat Analytics team
work in unison with the penetration testing team, in order to test existing detection controls, in addition to highlighting and mitigating emerging attack vectors.
Host and network based detection content creation
Hypothesis driven hunting reports containing configuration recommendations
Providing a tangible security posture related to known threat actor TTPs
Malware and infection chain analysis reports for internal use and community sharing
Creation and deployment of active countermeasures
Knowledge and Capabilities
Experienced in an analytical role of either network forensics, security analyst, threat intelligence, or security consultant/engineer
Experience conducting offensive or defensive operations involving multiple operating systems, across traditional and cloud infrastructure
Practical application of threat hunting methods and processes
Able to prioritise threats to the organisation, and accordingly create, test and deploy host and network based detection content
Ability to work on high pressure and time sensitive tasks
Working knowledge of common frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model or similar
Technical experience in at least three of the following areas:
Detection engineering with experience in pattern-matching languages (OpenIOC, Yara, Snort/Suricata, or similar signature framework)
Windows disk and memory forensics
Network Security Monitoring (NSM), network traffic analysis, and log analysis
Unix or Linux disk and memory forensics
Basic static and dynamic malware analysis
Understanding of enterprise security controls in Active Directory / Linux environments
Strong writing and presentation skills; ability to convey findings and recommendations to a range of audiences
Required - Bachelor's degree in a cyber security related subject, or comparable experience
Desired - Industry standard certifications (SANS, CREST, etc.)
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical
skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver
superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to
join the National Grid team.