You’ll be required to register in our HR portal if you haven’t already done so.
Under general direction, performs all major job functions and supports efforts on special projects. Use operational knowledge to define/refine cyber security monitoring and maintenance policies and procedures in compliance with CIP standards.
**The position requires the ability to work a 12-hour, rotating shift that includes weekends and holidays. This position will train for on-shift SOC coverage and will provide coverage within the rotation when required for whatever length of time is required to provide required coverage.
Compliance Monitoring (30%)
- Support the security team in protecting the integrity and confidentiality of ISO-NE Bulk Electric System assets. Consistently and completely update compliance test system rules to adapt to changes in System Configuration Management Policy
- Develop and deliver reports relevant to policy compliance and follow up with non-compliance issue
Incident and Intrusion Monitoring and Response (30%)
- Following established protocols, analyze and respond to security threats from Firewall, Intrusion Detection Systems, Intrusion
- Prevention Systems, Antivirus, Network Access Controls and other security threat data source
- Evaluate and escalate events and incidents based on established escalation procedures
- Update and maintain network and system intrusion monitoring systems
- Take part in Incident Response testing
- Maintain awareness of threat universe developments
Policy Development (20%)
- Review and update Cyber Security Business Process and Procedures
- Review and update IT Policy and Procedures
- Implement procedures to address new requirements
Procedure Development (20%)
- Identify, document and implement procedures supporting threat intelligence and event management practice
- Develop, test and implement new or improved applications of existing monitoring applications
- Establish procedures and processes with other business units in support of incident response, event management and threat intelligence
- Bachelor of Science in Computer Science, Management Information Systems, Information Security, Cyber Security or related fields. Advanced degree in Cyber Security Preferred
- 2 - 7 years of experience working with information systems and networks
- 1-3+ years information security related experience in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, intrusion detection or firewall administration
- IndusCyber security toolstry security certifications preferred, including Certifications such as CISSP, CEH, Security+, SANS certification(s), Network+, GSEC, GCED, GCIH or CCNA/CCNP Security
- Cyber security tools
- Computer Forensics analysis
- Computer System Architecture and Security Testing
- Computer System Penetration Testing
- Security technologies and processes
- Regulatory Compliance frameworks
- Routing and Access Control Devices
- Network communication using TCP/IP protocols
- Computer network defense operations
- Security information event managemen
- Linux, Windows and Network Operating Systems
- Desktop operating system proficiency
Location and Benefits
ISO New England is located in Holyoke, MA. The company provides a base salary plus bonus, competitive Medical and Dental plan, paid vacation, 401k with company match, retirement plan and more. All benefits start on your first day.
We are proud to be an EEO/AA employer. Applicants for employment are considered without regard to race, creed, color, citizenship, religion, sex, sexual orientation, marital status, national origin, age, disability, status as a veteran, Vietnam Era Veteran, or being a member of the Reserves or National Guard.
We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Social Networking Notice
ISO New England reserves the right to review the candidate's postings on any social networking site accessible in the public domain as part of the candidate assessment process.
Perform initial analysis and triage of logging events and escalate to appropriate IT administrators as needed