Cyber Security Operations Center Analyst - TX,US - CenterPoint Energy

Job description
Summary

The CSOC Analyst II actively monitors the CenterPoint Energy network for security threats, detects patterns of malicious activity, analyzes security events and responds to cyber incidents. The primary duties of the CSOC Analyst II are to detect threats to the network and help coordinate the response to cyber events.

Essential Duties And Responsibilities
  • Monitor network traffic for security events and perform triage analysis to identify security incidents.
  • Respond to cyber security incidents by collecting, analyzing, and preserving digital evidence; must also ensure that incidents are recorded and tracked in accordance with all Security Operations Center requirements.
  • Develop threat trend analysis reports and metrics.
  • Support SOC analysis, handling and response activity.
  • Maintain situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
  • Author Standard Operating Procedures (SOPs) and training documentation as needed.
  • This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability.
  • Preferred certifications include GSEC, GMON, GCIH or CISSP.
Experience
  • 3+ years of information security operations center or incident response experience
  • 2 years in a SOC Analyst or Incident Responder/Handler role.
  • 2 years' experience managing cases in an enterprise SIEM such as ArcSight, Splunk or QRadar.
  • Experience documenting activities in a service management ticketing system required.
  • Ability to perform cyber threat intelligence gathering and analysis highly preferred.
  • Working knowledge of Microsoft endpoint security tooling, Wireshark or another packet analysis tool, and malware analysis highly preferred.
Competencies
  • Business and Financial Acumen – Understand the impact actions and decisions have on the bottom line of the enterprise.
  • Coaching and Development – Develop others’ capabilities to empower them to reach their potential.
  • Collaboration – Eliminate boundaries and drive common goals.
  • Connecting, Listening, and Sharing – Maintain open, active, two-way communication.
  • Customer Focus Through Service – Understand and exceed the expectations of internal and external customers.
  • Enterprise Mindset – Act in ways that are best for the company as a whole.
  • Results Orientation – Reject the status quo, find opportunities to improve and drive outstanding business results.
  • Steadiness – Demonstrate strength, poise, and an appropriate presence.
Physical Requirements
  • Able to conduct physical inventories, inspect facilities and lift/carry portable computer equipment.
  • Able to hear oral communication either in person or on equipment such as telephone and/or mobile phone.
  • Able to use a laptop or personal computer and software, including word processing, spreadsheets, presentation and e-mail.
  • Able to view a computer monitor or laptop screen for extended periods of time.
  • Able to operate office equipment, including multi-line telephone, mobile phone, photocopier, fax machine, scanner, calculator and other office equipment (such as GBC machine, electric stapler, hole punch).
  • Able to sit for extended periods of time.
  • Able to bend, stoop, kneel, crouch, reach, grasp and/or move items repeatedly, on a daily basis.
  • Able to exert up to 10 pounds of force occasionally, and/or a minimal amount of force frequently to lift, carry, push, pull, or otherwise move objects.
Working Conditions
  • Able to work indoors, in an office environment, either cubicle or open office.
  • Able to work under direct supervision and meet deadlines.
  • Able to work overtime (scheduled and/or unscheduled, nights and/or weekends) occasionally, as needed or required to meet established deadlines.
  • Ability to travel as necessary to complete job responsibilities.
  • May be required to remain in the service area during emergency events and assume responsibilities assigned by the company to aid in restoration efforts.