Location: Austin, Texas 78703
General Overview: At a senior level, the Cybersecurity or Vulnerability Analyst is responsible for maintaining and operating various security measures and software to ensure cybersecurity functions such as access control, monitoring, and vulnerability assessment. The role involves supporting end-users to ensure they are protected from malicious software and cyber threats, testing and recommending security measures to mitigate risk, and providing reports and information related to information security issues.
Responsibilities

• Perform risk assessments and recommend security measures.
• Monitor security systems for potential intrusions.
• Interact with end-users regarding malware, spam, vulnerabilities, and other cybersecurity issues.
• Review and create audit reports on user and system activities.
• Analyze system-generated logs for anomalies and take appropriate actions.
• Proactively identify new threats and risks in the network.
• Document, deploy, review, and maintain cybersecurity policies, standards, guidelines, and procedures.
• Plan and implement cybersecurity technology projects.
• Provide business continuity/disaster recovery and risk analysis expertise.
• Monitor security alerts from the internet and other intelligence feeds, determining the impact on IT or operational technology systems.
• Provide technical consulting to other groups on cybersecurity requirements.
• Implement and ensure technical security systems, including SIEM, VAT, network IDS, antivirus, web and email filters, and firewalls.
• Perform cybersecurity incident response activities.
• Document and maintain evidence to demonstrate NERC CIP regulatory compliance.
• Create and deliver security training materials and classes for asset owners, software developers, and system administrators.
• Provide oversight regarding compliance with security regulations, standards, and laws.
• As a Cyber Security Coordinator (CSC), ensure NERC CIP system processes and procedures are developed and implemented, and oversee NERC compliance efforts.

Required Qualifications

• Nine or more years of experience in cybersecurity or relevant experience.
• A degree(s) in information technology, computer science, or a relevant field may substitute certain years of experience.
• Advanced skill level in security vulnerability scanning tools.
• Knowledge of business continuity planning and disaster recovery.
• Knowledge of anti-virus and anti-spam technologies.
• Knowledge of technology asset management.
• Knowledge of technology hardware and software platforms and systems.
• Strong analytical and technical documentation skills.
• Excellent verbal and written communication skills.
• Ability to articulate complex, technical information to both technical and non-technical audiences.
• Skill in analyzing significant volumes of detailed information and understanding security implications.
• Ability to understand complex systems across diverse technical platforms.
• Intermediate skill level in Microsoft Office and software update tools.
• Advanced skill level in network security and web filtering software.
• Ability to balance and manage competing high-priority work demands.
• Ability to build relationships and foster teamwork.
• Ability to work in a team environment.
• Ability to conduct sensitive security investigations and maintain confidentiality.
• Driver’s license.

Preferred Qualifications

• CISSP, GIAC, or similar certification.

Work Environment

• Majority of work hours are spent in an office environment.
• May require working in noisy environments near heavy equipment.
• Work may involve weekends, holidays, and non-standard hours.
• Provides 24/7/365 on-call support on a rotating basis.
• Travel and lodging out of town may be required.