Security Analyst

Security Analyst

ENOC - SSC

The primary function of this role is to monitor the ENOC environment on a 24*7 basis and conduct initial analyses for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to performing first response assessment of the cyber security incident and escalating to the Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.

• Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
• Acknowledge, analyze and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solutions
• Acknowledge, analyze and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
• Gain an understanding of security risks and controls
• Undertake first stages of false positive and false negative analysis
• Perform analysis of log files to collect more contextual information in order to triage security events
• Review and align priority, severity and classification of security incidents
• Collect contextual information and pursue technical root cause analysis & attack method analysis
• Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls that led to the incident materializing
• Analyze reported cyber security events and incidents and recommend remediation and improvement actions
• Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC
• Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
• Participate in post‑incident reviews and recommend improvement plans
• Investigate, document, and report on information security issues and emerging trends
• Should be on‑call 24 hours per day to respond to security emergencies or other related problems
• Should work on shift schedules which include weekends

• Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience
• Required professional certifications: CISSP, GCTI, GCFA, GNFA

• 5+ years of information security or technology experience
• 3+ years of relevant experience
• Working experience in multiple industries (e.g., Energy, Utilities, Retail, Government) is preferable
• Working experience in cyber security threat monitoring and handling
• Exposure to OT security operation center experience will be a plus