Con Edison
Senior System Cyber Analyst Detection Engineering & Automation
Con Edison, New York, New York, us, 10261
This range is provided by Con Edison. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range $125,000.00/yr - $135,000.00/yr
Overview
Come join us at Con Edison where we are actively seeking a highly skilled and motivated Senior System Cyber Analyst Detection Engineering & Automation to become an integral member of our growing Advanced Cyber Defense team. This senior role offers a unique opportunity to significantly enhance our threat intelligence, threat hunting, and detection engineering programs. You'll play a pivotal role in advancing our detection engineering and cybersecurity automation efforts, helping us stay ahead of emerging threats and ensuring the security of our systems. If you're passionate about cybersecurity and eager to make a substantial impact, Con Edison is the place for you. Join us and be part of a dynamic team dedicated to safeguarding our digital future.
Responsibilities
Design, implement, and continuously tune detection logic using detection-as-code principles.
Create and maintain CI/CD pipelines that automate the linting, testing, validation, and deployment of cybersecurity detections.
Manage detection and automation repositories with Git, ensuring they adhere to coding standards, documentation practices, and version control policies.
Develop and maintain comprehensive orchestration and automation playbooks in Splunk SOAR.
Build machine learning models for detecting anomalies and malicious activities.
Qualifications
Required Education/Experience
Master's Degree in Computer Science, Cybersecurity, or other related area and 2 years of relevant work experience.
Bachelor's Degree in Computer Science, Cybersecurity, or other related area and 3 years of relevant work experience.
Associate's Degree in Computer Science, Cybersecurity, or other related area and 4 years of relevant work experience.
High School Diploma/GED and 5 years of relevant work experience.
Relevant Work Experience
Experience in threat intelligence, threat hunting, detection engineering, or a related cybersecurity role, required.
Strong programming experience with Python or a similar language, required.
Strong knowledge of detection-as-code practices, required.
Experience with creating and maintaining CI/CD pipelines, required.
Proficiency with Git, required.
Expert knowledge in Splunk Enterprise Security and Splunk SOAR, required.
Strong proficiency in analyzing IOCs, TTPs, user activity logs, host logs, network logs, and PCAPs to identify malicious behavior, required.
Experience with MITRE ATT&CK and threat hunting frameworks, methodologies, and approaches, preferred.
Strong understanding of Incident Management and Incident Response frameworks, preferred.
Experience using Microsoft Sentinel and KQL, preferred.
Knowledge of digital forensics and investigation techniques, particularly on Windows and Linux, preferred.
Knowledge of cloud security and cloud architecture best practices, preferred.
OT/ICS Security knowledge, preferred.
Skills and Abilities
Possesses strong technical aptitude
Excellent collaboration and team building skills
Strong verbal communication and listening skills
Demonstrated written communication skills
Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
Licenses and Certifications
Driver's License Required
Other: Technical certifications (e.g. CISSP, CISM, CIPP, etc.) Preferred
Additional Physical Demands
The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
Must be able and willing to travel within Company service territory, as needed.
Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.
Seniority level
Mid-Senior level
Employment type
Other
Job function
Information Technology
Utilities