Troops to Energy Jobs

Job Information

PacifiCorp Cyber Security Analyst I, II, III or Senior #106367 in PORTLAND, Oregon

Cyber Security Analyst I, II, III or Senior #106367

Date: Nov 10, 2021

Location: PORTLAND, OR, US, 97232

Company: PacifiCorp


PacifiCorp is seeking customer-centric candidates to grow and sustain our commitment to a culture of customer service excellence, environmental sustainability and diversity, equity and inclusion.

General Purpose

Working with significant independence and under general direction, performs operational activities including event monitoring, evaluation, and response to security events. Responds to real-time security incidents and supports activities for response, containment, and event forensics.

Responsibilities

  • Effectively monitor the Security Information and Event Management system (SIEM). Respond to alarms and other indications of cybersecurity incidents. Determine whether malicious activity has occurred, then evaluate, contain, eradicate, and report. (20%)

  • Examine incoming event streams for potential security concerns and anomalies. Evaluate concerns until they are determined to be false positives or a root cause is identified. Evaluate anomalies, and refine and tune the existing automated alerts to improve performance. Work with vendors and IT partners to resolve system configuration issues affecting GSOC operational efficacy and efficiency. (20%)

  • Continuously review the SIEM and supporting toolset for efficacy and efficiency improvement opportunities. Compare SIEM functions against industry best practices and compliance requirements to identify and recommend improvements. (10%)

  • Evaluate logs and alarms for threat actor activity that may not otherwise be captured by automated correlation and alarming. (20%)

  • Support compliance requirements, including CIPS, by documenting monitoring and review activities related to CIPS assets and any other compliance obligations as needed. (10%)

  • Provide timely and accurate cross-platform support in response to security threats. (10%)

  • Perform any additional responsibilities as requested or assigned. (10%)

Requirements for this position include the following:

Requirements for the Level I include:

  • Bachelor’s degree in Computer Science, Information Technology, or related field; or equivalent work experience. (Typically, six years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a bachelor’s degree.)

  • One to three years of experience in Security Information Management or related field.

  • One year of hands-on experience with information security technologies such as IDS/IPS, WAF, SIEM, honeypots, malware analysis, red or blue team engagements.

  • One year of hands-on experience with a production Security Information and Event Management system (QRadar, Splunk, LogLogic, etc.) and associated incident response experience.

  • Knowledge of security principles is desired, demonstrated through achievement and active pursuit of an advanced security certification such as CISM, CISSP, or equivalent.

  • Exposure to programming and scripting languages such as Perl, Python, Go, and PowerShell, as well as open source security tools such as Syslog-NG, Snort, Cuckoo, etc.

  • Ability to construct and execute database queries using SQL.

  • Technical knowledge of Microsoft Windows and Linux operating systems, databases (Oracle/SQL), Cisco network gear, and at least one major firewall.

  • Technical knowledge of TCP/IP, proxies, and web application firewalls.

  • Experience with vulnerability management tools and concepts (CVSS, Nexpose, Nessus, etc.).

  • General knowledge of information technology terms, equipment, systems, functions, and major vendors – Information Technology work experience strongly preferred (server, endpoint, software development, application support, network, etc.).

  • Effective analytical, problem-solving and decision-making skills. Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.

In addition, the requirements for the Level II include:

  • Three years' experience in Security Information Management or related field.

  • Three years of hands-on experience with information security technologies such as IDS/IPS, WAF, SIEM, honeypots, malware analysis, red or blue team engagements.

  • Two years of hands-on experience with a production Security Information and Event Management system (QRadar, Splunk, LogLogic, etc.) and associated incident response experience.

In addition, the requirements for the Level III include:

  • Five years' experience in Security Information Management or related field.

  • Four years of hands-on experience with information security technologies (IDS/IPS, WAF, honeypots, malware analysis, red or blue team engagements, etc.).

  • Three years of hands-on experience with a production Security Information and Event Management system (QRadar, Splunk, LogLogic, etc.) with associated incident response experience.

  • Familiarity with at least one programming and scripting language such as Perl, Python, Ruby, C#, C++, Go, Rust, Bash, and PowerShell, as well as open source security tools such as Syslog-NG, Snort, Cuckoo, etc.

  • Ability to construct and execute complex database queries using SQL (Structured Query Language), KQL (Kibana Query Language), or eDSL (Elasticsearch Domain Specific Language).

  • Effective written communication skills appropriate for a senior analyst position – outward and downward to support GSOC functions, and upward for resolving issues.

In addition, the requirements for the Sr Level include:

  • Six years' experience in Security Information Management or related field including three years’ experience in a managerial or team lead position. Demonstrated effective team leadership skills.

Additional Information

Req Id: 106367

Company Code: PacifiCorp

Locations: IA-Des Moines, OR-Portland, United States, UT-Salt Lake City, NV-Las Vegas, NE-Omaha

Department: PacifiCorp Corporate

Schedule: Full Time

Personnel Subarea: Exempt

Hiring Range: 71,100-127,300

Employees must be able to perform the essential functions of the position with or without an accommodation.

At PacifiCorp, we encourage everyone to work together. We embrace diversity and value the distinct perspectives of all our employees. We strive to cultivate a workplace that connects each employee to the organization and enables all individuals to participate and contribute to their full potential.

It is PacifiCorp's policy to provide and promote equal employment opportunity to all employees and applicants in accordance with local, state and federal laws and regulations governing personnel activities. In accordance with federal guidelines, PacifiCorp is committed to a program of affirmative action. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, veteran status, national origin, sexual orientation or gender identity.

All offers of employment are contingent upon the successful completion of a background check and drug screening.
