National Grid Threat Hunt Analyst, Security Operations in Northboro, Massachusetts
National Grid is hiring a Threat Hunt Analyst for our security operations team in Northboro, MA.
Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating, and our expertise and track record put us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.
National Grid delivers gas and electricity to many millions of people across North Eastern US and Great Britain in an efficient, reliable, secure and safe manner. We protect our people, our premises, and digital systems with the objective of maintaining trust in National Grid services. Our mission is to create a world-class Security team to defend critical national infrastructure in the US and the millions of customer communities that we serve.
Security Operations is a critical team responsible for the monitoring and response to Cyber threats to National Grid. Cyber Threat Hunting is at the forefront in the fight against advanced adversaries. The rate at which experienced threat actors evolve their methods of attack far outpaces the rate at which countermeasures are produced.
The Operational Threat Analytics team are responsible for conducting continual threat hunting across all National Grid environments. This activity is informed by intelligence regarding the latest TTPs (Tactics, Techniques and Procedures) utilized by threat actors who are known to target the energy and utilities sectors. Furthermore, a wealth of intelligence exists within infection chains which have been thwarted by existing detection controls; the Operational Threat Analytics team are able to recreate and analyse the full infection chain to ensure there is no impact to National Grid’s core operations. The Operational Threat Analytics team work in unison with the penetration testing team in order to test existing detection controls, in addition to highlighting and mitigating emerging attack vectors.
Prioritizing threat hunting hypotheses
Creation and dissemination of tactical, operational and strategic intelligence products, for stakeholders up to board level
Assisting other areas of the Threat Analytics team with their operational goals
Knowledge and Capabilities
Previous knowledge working as a CSIRT or intelligence analyst
Understanding of threat hunting analysis methods and methodologies
Basic knowledge of malware analysis
Understanding of offensive or defensive operations involving multiple operating systems, across traditional and cloud infrastructure
Must be proactive, adaptable and results-driven, whilst capable of interpreting and delivering on direction provided
The position requires a team player who must be able to work under pressure and manage multiple activities, using their own initiative and motivation to meet deadlines
Understanding of enterprise security controls in Active Directory / Linux environments
Ability to work on high-pressure and time-sensitive tasks
Working knowledge of common frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model or similar
Strong writing and presentation skills; ability to convey findings and recommendations to a range of audiences
• Bachelor's degree in a cyber security-related subject, or comparable experience
• Industry standard certifications (SANS, CREST, etc.)
• Senior management from all lines of business
• Internal Cyber Security Operations Team members
• Other Information Services Teams (Major Incident Management, Problem & Change Management)
• IT Business Partners
• Cyber Security Product Managers and Engineering
Leadership Qualities and Business skills
• To build strong relationships with security operations, product, and engineering teams, bringing skills together to develop new tools and processes
• To collaborate, motivate and inspire others - be a role model with an open mind, seeking to hear and respect diversity of thought, empowering and trusting others to make the right decisions
• To be able to influence key stakeholders and connect with different parts of the business, building a network with others across the organization
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.