Electricenergyonline
Senior Cyber Threat Specialist - Threat Intelligence Analyst Pacific Gas and Ele
Electricenergyonline, New York, New York, United States
Position Summary
Delivers information security services in support of PG&E's enterprise security goals and objectives. Utilizes a variety of commercial and custom tools and processes to provide information security services. Duties include but are not limited to: identifying and acting on pertinent Indicators of Compromise, identifying and communicating of physical or cybersecurity intelligence, and reporting of intelligence findings on security incidents to Cybersecurity leadership. This position requires analytical thinking, written and verbal communication skills, technical log and security tool analysis skills, and documentation of all work being performed.
This position is for Day-Shift, and the Senior Threat Intelligence Analyst will be responsible for working towards continuous improvement through new processes, mastering and being a subject matter expert of current processes, waste elimination efforts, and collaboration with teams both within and outside of Cybersecurity.
This position is hybrid, working from our Concord location Tuesday, Wednesday, and Thursday. The remaining days will be from your remote office.
Job Responsibilities
Identifies, tracks, and monitors emerging security threats, vulnerabilities and trends
Keeps current with changing technologies, threat actors and geopolitical events which could impact stability and operations
Maintain knowledge of adversary activities, including intrusion tactics, attack techniques
and operational procedures. Use intelligence feeds and OSINT to maintain situational awareness to identify, track, and monitor emerging security threats and trends regarding threats to PG&E, the utility industry and US critical infrastructure Provide orated threat briefs to internal Cybersecurity teams, various teams across the organization, and sometimes executives Research and author Threat Assessment Reports for Risk Organization Research and author intelligence-driven threat hunting packages Investigate and respond to potential cybersecurity incidents discovered while hunting and assist Incident Response team as needed, including
after escalation Analysis of security event logs from a variety of sources Ability to analyze malware/exploits through forensics, observation of network traffic and using packet capture or other tools and resources to determine if PG&E systems are vulnerable or exploited Documentation of analysis, including summarization for executive review Effectively prioritize multiple high-visibility work streams and coordinate resources Provide subject matter expertise on security analysis services, tools, processes, and procedures, mentoring junior team members, and improving services May help coach less experienced employees Identifies and makes recommendations for improvements to current security services, tools, processes, and procedures Drive continuous improvement initiatives and processes in order to improve team efficacy and efficiency Collaborate with teams within the SIOC, cybersecurity as a whole, IT as a whole, and the multiple lines of business we interact with Work cross-functionally to recommend, facilitate, and test security control improvements Share on-call responsibility outside of business hours, onsite and remote Qualifications Minimum: High School or GED-General Educational Development-GED Diploma 4 years experience in IT-Information Technology security, multi-platform, or job-related experience
Desired: Bachelor's degree in Cybersecurity, Computer Science, or job-related discipline or equivalent work experience Basic scripting skills Knowledge of MITRE ATT&CK Enterprise Matrix Knowledge of all layers of the OSI stack Formal IT Security/Network Certification, such as WCNA, CompTIA Network+ and Security +, Cisco CCNA, ISC2 CISSP, GIAC GCIH, GMON, GCFA, GCFE, GREM, GICSP, GRID, or other relevant certifications Previous experience supporting cyber defense analysis of Operational Technology (OT) Networks, including Industrial Controls Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Process Control Networks (PCN) Utility Industry experience Technical knowledge of operating systems (e.g., UNIX, Windows). Experience with compliance standards: NERC-CIP, SOX, TSA Previous experience working with various Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and digital forensic technologies Read the full posting. #J-18808-Ljbffr
and operational procedures. Use intelligence feeds and OSINT to maintain situational awareness to identify, track, and monitor emerging security threats and trends regarding threats to PG&E, the utility industry and US critical infrastructure Provide orated threat briefs to internal Cybersecurity teams, various teams across the organization, and sometimes executives Research and author Threat Assessment Reports for Risk Organization Research and author intelligence-driven threat hunting packages Investigate and respond to potential cybersecurity incidents discovered while hunting and assist Incident Response team as needed, including
after escalation Analysis of security event logs from a variety of sources Ability to analyze malware/exploits through forensics, observation of network traffic and using packet capture or other tools and resources to determine if PG&E systems are vulnerable or exploited Documentation of analysis, including summarization for executive review Effectively prioritize multiple high-visibility work streams and coordinate resources Provide subject matter expertise on security analysis services, tools, processes, and procedures, mentoring junior team members, and improving services May help coach less experienced employees Identifies and makes recommendations for improvements to current security services, tools, processes, and procedures Drive continuous improvement initiatives and processes in order to improve team efficacy and efficiency Collaborate with teams within the SIOC, cybersecurity as a whole, IT as a whole, and the multiple lines of business we interact with Work cross-functionally to recommend, facilitate, and test security control improvements Share on-call responsibility outside of business hours, onsite and remote Qualifications Minimum: High School or GED-General Educational Development-GED Diploma 4 years experience in IT-Information Technology security, multi-platform, or job-related experience
Desired: Bachelor's degree in Cybersecurity, Computer Science, or job-related discipline or equivalent work experience Basic scripting skills Knowledge of MITRE ATT&CK Enterprise Matrix Knowledge of all layers of the OSI stack Formal IT Security/Network Certification, such as WCNA, CompTIA Network+ and Security +, Cisco CCNA, ISC2 CISSP, GIAC GCIH, GMON, GCFA, GCFE, GREM, GICSP, GRID, or other relevant certifications Previous experience supporting cyber defense analysis of Operational Technology (OT) Networks, including Industrial Controls Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Process Control Networks (PCN) Utility Industry experience Technical knowledge of operating systems (e.g., UNIX, Windows). Experience with compliance standards: NERC-CIP, SOX, TSA Previous experience working with various Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and digital forensic technologies Read the full posting. #J-18808-Ljbffr