What are the responsibilities and job description for the Cyber Security Operations Analyst - Cyber Security & TSOC position at FirstEnergy?
This position is within FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.
This position’s base reporting location is in Wadsworth Township, Ohio with significant flexible work location opportunities. This position is within FirstEnergy’s IT Security Operations and reports to the Manager of Transmission Security Operations Center (TSOC).
Preferred work location is Wadsworth, OH.
The ability to work remotely within the United States may be available based on business need. This option is not available in the states of California, Colorado, Illinois, Kentucky, Massachusetts, Montana, Nebraska, New York, Oregon or Washington at this time.
The IT Security Analyst position supports security information, incident response, forensics, threat intelligence, and event monitoring functions utilizing FirstEnergy’s Security Information and Event Management (SIEM) tool, open-sourced tools, forensic tools, threat intelligence platform (TIP), Security Orchestration, Automation and Response (SOAR) platform, and big data solutions. This role focuses primarily on monitoring the events and logs from FirstEnergy’s Information Technology, Cyber Security and Physical Security data feeds and building out analytics based on adversarial behaviors. If activity is picked up through monitoring processes, this role requires the technical expertise to investigate the scenario appropriately. The ability to work independently as well as within groups is essential to this role. Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
Responsibilities Include
Perform daily monitoring and investigative activities while on shift either days or nights
Assist with processing cases that require forensics to validate findings, produce threat intelligence, or fulfill an HR / Legal request
Process different threat reports for value and potential content development, as well as keeping up with the current / relevant threat landscape
Provide continuous feedback on opportunities to enhance current processes and content, assisting to implement those changes
Assist with engineering data to enhance analytical capabilities based on structure, enrichments, and linking between other data sets
Research new capabilities from both open and closed sourced technologies to find opportunities to enhance the Security Operation Center (SOC) ecosystem
Provide documentation for cases and forensic reports
Maintain current knowledge of relevant technology as assigned
Assist with metrics, reporting, and other SOC communications
Process and share information with other FirstEnergy security teams
Assist or lead projects designated by the SOC team
Qualifications
Associates Degree in Computer Science, Information Security, or similar discipline with a minimum of 5-7 years professional experience in a cyber or related IT function. Bachelor’s Degree preferred
Demonstrable subject matter expert knowledge in multiple major security technology systems or areas is required
Master level knowledge of relevant work experiences
Related experience includes but is not limited to : SOC (Security Operations Center) experience, IT Security experience in detection, triage, investigation, and remediation of security incidents within a network
Demonstrate strong communication skills, both verbal and written
Demonstrate creative problem solving and solutioning
Ability to work effectively, independently and within a team environment
Ability to handle, protect and preserve highly confidential information
Ability to learn independently and from others
Ability to find answers effectively using open-sourced information
Understanding of programming / scripting code (Python, PowerShell, Bash), to interpret its functionality
Understanding of both Linux and Windows operating systems
Understanding of networking concepts and technologies
Understanding of adversarial techniques (i.e., MITRE ATT&CK framework)
Basic understanding of statistics
Must be organized and comfortable with ongoing changes in priorities
Must be able to work independently with minimal supervision
