Cybersecurity Analyst III - V

POSITION SUMMARY:

The Cybersecurity Analyst is responsible for safeguarding the Corporation's data, systems, and cybersecurity posture. This includes managing endpoint security solutions, protecting cloud environments (e.g., Microsoft 365 and Microsoft Azure), and overseeing key security tools and capabilities. The Analyst develops and maintains cybersecurity policies, architectures, and standards to ensure compliance with industry regulations and best practices.

The role monitors emerging threats, responds to security incidents, and conducts investigations to mitigate vulnerabilities. Cybersecurity Analysts implement data classification frameworks, enforce secure handling of sensitive information, and manage encryption protocols. They deploy and optimize cybersecurity tools, manage threat intelligence platforms, and proactively address risks to ensure organizational resilience.

This position requires strong analytical skills, technical expertise, and the ability to collaborate across teams to maintain a secure IT environment.

Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, SOX, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives.

JOB DUTIES/ESSENTIAL FUNCTIONS

• Endpoint Security Management:Manage endpoint detection and response (EDR) solutions and ensure optimal configuration and operation across corporate systems. Monitor and respond to endpoint threats, implement remediation measures, and maintain system integrity.
• Cloud Security Management:Design, implement, and maintain cloud security solutions, focusing on platforms such as Microsoft 365 and Microsoft Azure. Ensure secure configurations, monitor cloud environments for potential threats, manage access controls, and safeguard cloud-based resources.
• Data Protection and Classification:Develop and implement data protection strategies, including encryption, secure storage, and access control measures. Establish and maintain data classification frameworks to ensure sensitive information is securely handled and complies with regulatory requirements.
• Threat Intelligence, Incident Response, and Investigation:Monitor emerging threats and maintain situational awareness through threat intelligence platforms. Respond to security incidents by investigating root causes, analyzing attack vectors, and documenting findings. Collaborate with teams on mitigation strategies to prevent recurrence and improve overall security posture.
• Cybersecurity Tools Management:Deploy, configure, and maintain cybersecurity tools and capabilities, such as intrusion detection systems (IDS), security information and event management (SIEM) systems, vulnerability management platforms, and other security solutions. Monitor tool efficacy and update configurations as needed.
• Policy, Architecture, and Standards Development:Establish, review, and update cybersecurity policies, architectures, and standards to align with industry best practices and regulations. Collaborate with stakeholders to ensure policies are actionable and effectively implemented across the organization.

REQUIRED QUALIFICATIONS

Education: A Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, Engineering, Information Systems, or a related field from an accredited college or university.

Cybersecurity Analyst III

Experience: Minimum of 4 years in managing cybersecurity tools, implementing secure cloud configurations, leading data protection strategies, and conducting security investigations.

Equivalent Experience: Minimum of 8 years of relevant experience may also be considered.

Responsibility: Independently manages endpoint and cloud security systems, leads data protection initiatives, investigates security incidents, and contributes to threat intelligence monitoring and policy development.

Cybersecurity Analyst IV

Experience: Minimum of 6 years in designing and managing cybersecurity systems, implementing secure cloud strategies, developing data protection measures, and proactively using threat intelligence.

Equivalent Experience: Minimum of 10 years of relevant experience may also be considered.

Responsibility: Leads projects for the implementation of advanced cybersecurity tools and solutions, focusing on cloud security for Microsoft Azure and Microsoft 365. Investigates complex incidents, analyzes threat intelligence, and develops detailed policies and standards. Provides technical expertise across the IT function.

Cybersecurity Analyst V

Experience: Minimum of 8 years in architecting and managing cybersecurity tools, implementing secure cloud strategies, overseeing enterprise-wide data protection measures, and leading incident response efforts.

Equivalent Experience: Minimum of 12 years of relevant experience may also be considered.

Responsibility: Oversees major projects involving cybersecurity architecture, cloud security tool implementation, and compliance strategies. Provides leadership in incident response, threat intelligence integration, and enterprise security policy development.

Licenses, Certifications and/or Registrations:

• Relevant certificationsare a plus:
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security+
• Microsoft Certified: Azure Security Engineer Associate
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Certified Incident Handler (GCIH)
• GIAC Security Essentials Certification (GSEC)
• Certified Ethical Hacker (CEH)
• ITIL Foundation

Specialized Skills (e.g., typing, computers, software, tools and equipment uses, etc.):

• Technical Expertise:
• Proficiencyin endpoint security solutions (e.g., EDR, antivirus, DLP).
• Strong knowledge of cloud security principles, especially forMicrosoft 365 and Microsoft Azure.
• Experience with cybersecurity tools such as SIEM platforms, vulnerability management systems, and IDS/IPS tools.
• Familiarity with data encryption, secure storage solutions, and access control mechanisms.
• Understanding ofthreat intelligence platforms and proactive risk management strategies.
• Security
• In-depth understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements (e.g., NERC CIP, SOX).
• Expertise inincident response processes and forensic investigation techniques.
• Knowledge of advanced security architectures, policies, and standards.
• Soft Skills:
• Excellent problem-solving/analyticalskills and attention to detail.
• Good oral and written communication and interpersonal skills.
• Excellent customer service focus and positive attitude.
• Ability to work independently and as part of a team.