Cyber Security Incident Analyst

National Grid


Full Time Employee

United States

About the Position:

The cyber security incident analyst supports the lead incident manager in responding to cyber security incidents. This includes, but is not limited to, remediation of vulnerabilities and incidents on desktop and server operating systems, mobile devices, embedded systems and network devices. Candidates should have a strong understanding of security operations concepts, incident and vulnerability management, network, host and application security, intrusion detection and/or other security event analysis, forensics, system operations, cyber intelligence and incident remediation within a complex global organization.

Position Responsibilities (including but not limited to):

Analyze and determine the scope of a compromise
Research targeted attacks
Develop, document and execute containment strategies
Document and brief the business on remediation options and execute the plan with IS partners
Produce the final report and recommendations
Coordinate the efforts of, and provide timely updates to, multiple business units during response
Perform in-depth analysis in support of incident response operations
Develop requirements for technical capabilities for cyber incident management
Investigate major breaches of security and recommend appropriate control improvements
Work with infrastructure and application support teams to drive closure of follow-up actions identified through incident and problem management
Produce major incident and problem reports for all major incidents and problem investigations, as well as internal notifications to senior management
Ensure response to major incidents, including escalation, follow-through, dissemination of workarounds or resolution advice, and closure
Assist in Continuous Service Improvement efforts by identifying opportunities for process improvement, and drive some process improvement efforts
Additional responsibilities include reporting, documenting team procedures and workflows, reviewing and improving documentation, attending meetings as required and working on projects to drive efficiencies
Work with global teams and Line of Business contacts for issue escalation and resolution
Plan, coordinate and execute cyber security exercises and their follow-up actions and lessons learned
Business Continuity Planning
The role requires 24/7 support during Critical or High incidents

Knowledge & Experience Required:
Experience working within a security operations environment, with emphasis on cyber security incident management, network, host and application security, intrusion detection and/or other security event analysis, vulnerability management, forensics, system operations and cyber intelligence, is a plus.
Working knowledge of cyber and other security policies and capabilities to prevent, detect, monitor and mitigate cyber-attacks
Advanced knowledge of security incident response tools and ArcSight SIEM; working knowledge of Windows and UNIX/Linux operating systems and networking devices
Knowledge of NERC CIP and SCADA/ICS environments
Strong analytical, deductive reasoning, critical thinking, problem solving and prioritization skills
Comfortable working outside their comfort zone with a willingness to learn
Strong team player with the ability to take charge of their area of expertise
Understanding of organizational risk as it applies to cyber security
Demonstrated knowledge and understanding of security technologies
Solid understanding of business organization and processes
Ability to present complex solutions and methods to a general audience and to senior management
Excellent written and verbal communication and organizational skills
Excellent interpersonal skills to work with diverse personnel and stakeholders regionally and globally
Ability to work with a sense of urgency and pay attention to detail
Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources
Must be reliable and adaptable
Ability to develop and follow operational processes and workflows, with experience in incident handling and response
Ability to analyze complex problems in a methodical manner and work through to resolution.
Degree in information security preferred, or equivalent experience
One or more of the following certifications is preferred: CISSP, GIAC certifications (GCIA, GCIH)
This position is one of National Grid’s career path roles which provide for promotional opportunities within and across salary bands as you develop and evolve in the position by gaining experience, expertise and acquiring and applying technical skills.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.

Organization: IS Digital Security & Risk
Primary Location / Other Locations: MA-Waltham, NY-Brooklyn, NY-Syracuse
Job Posting: Sep 6, 2016, 10:35:19 AM
Unposting Date:

To apply for this job, contact:
Kathy Gangarossa
