Troops to Energy Jobs

Job Information

Eversource Energy Cyber Defense Analyst in Westwood, Massachusetts

Check out this video and find out why our team loves to work here! (https://www.youtube.com/watch?v=fHmr45H8xZE)

The Cyber Defense Analyst will work in the Eversource Security Operations Center (SOC) which is responsible for managing and protecting computer assets, networks and information systems. This position will act as the primary lead for proper handling of Information Security incidents and provide remediation actions as required. This position will also perform Threat Hunting activities looking for malicious activity in the network.

To accomplish these tasks, the candidate must have a strong understanding of computers on various operating systems, cyber-attack tactics, tools and techniques, and underlying principles of networking, infrastructure, and system integration. In addition, provides technical expertise to key security tools and software.

Essential Functions:

  • Performs Incident Response functions for the SOC team to ensure incidents are handled appropriately to minimize risk and impact to the company
  • Analyzes and processes case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
  • Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring flexibility and responsiveness
  • Performs threat hunting activities in various security systems looking for malicious activity which may go undetected by other means
  • Develops monitoring rules and alerts for identifying cyber security incidents
  • Assists in security incident handling to ensure timely mitigation and remediation efforts are completed
  • Produces high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
  • Must be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
  • Recommends effective process changes to enhance defense and response procedures
  • Evaluates, tests and assists in the selection of security tools

Technical Knowledge/Skill/Education/Licenses/Certifications:

Technical Knowledge/Skill:

  • Strong working knowledge of information systems security standards and practices
  • Ability to write scripts in at least one language (Python & PowerShell preferred)
  • Knowledge of the common attack vectors on the various OSI layers
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution)
  • Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored])
  • Knowledge of basic system administration, network, and operating system hardening techniques.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
  • Knowledge of Windows/Unix ports and services
  • Knowledge of general kill chain (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of systems security testing and evaluation methods
  • Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump)
  • Knowledge of operating system command line/prompt
  • Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications

Education:

  • Bachelor’s degree in Information Systems, related technical degree or equivalent experience

Experience:

  • Minimum of three (3) to five (5) years of experience in the field of information security

Experience with one or more of the following:

  • SIEM Platforms
  • Endpoint Detection & Response technologies
  • Active Directory
  • Ethical Hacking & Penetration Testing Methodologies

Licenses & Certifications from one of the following organizations:

  • SANS/GIAC
  • EC-Council
  • ISC2
  • CompTIA

Working Conditions

  • Must be available to work emergency restoration assignment as required
  • Must be available to travel between MA/CT/NH as necessary
  • Must be able to work off hours as required by cyber incidents

Please include a resume with your application.

Worker Type:

Regular

Number of Openings:

1

EEO Statement

Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.

VEVRRA Federal Contractor

Vaccination Information:

Eversource requires all new employees to be fully vaccinated for COVID-19 by their first day of employment. If you have any concerns regarding compliance with this requirement, you will need to discuss your concerns with Eversource’s HR department after a decision has been made about whether or not to make you a conditional offer of employment. Eversource does not require applicants to discuss vaccination status prior to receipt of a conditional offer of employment and complies with all applicable laws requiring reasonable accommodation.

Emergency Response:

Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.
