Cyber Security Operations Analyst - Cyber Security & TSOC

Wadsworth, OH, United States

FirstEnergy

FirstEnergy’s 10 regulated distribution companies form one of the nation’s largest investor-owned electric systems, based on serving 6 million customers in the Midwest and Mid-Atlantic regions. Stretching from the Ohio-Indiana border to the New...


This position is within FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.  

This position’s base reporting location is in Wadsworth Township, Ohio with significant flexible work location opportunities.  This position is within FirstEnergy’s IT Security Operations and reports to the Manager of Transmission Security Operations Center (TSOC).  

Preferred work location is Wadsworth, OH.

The ability to work remotely within the United States may be available based on business need. This option is not available in the states of California, Colorado, Illinois, Kentucky, Massachusetts, Montana, Nebraska, New York, Oregon or Washington at this time.       

The IT Security Analyst position supports security information, incident response, forensics, threat intelligence, and event monitoring functions utilizing FirstEnergy’s Security Information and Event Management (SIEM) tool, open-sourced tools, forensic tools, threat intelligence platform (TIP), Security Orchestration, Automation and Response (SOAR) platform, and big data solutions.  This role focuses primarily on monitoring the events and logs from FirstEnergy’s Information Technology, Cyber Security and Physical Security data feeds and building out analytics based on adversarial behaviors. If activity is picked up through monitoring processes, this role requires the technical expertise to investigate the scenario appropriately. The ability to work independently as well as within groups is essential to this role. Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative. 

Responsibilities Include 

Perform daily monitoring and investigative activities while on shift either days or nights  

Assist with processing cases that require forensics to validate findings, produce threat intelligence, or fulfill an HR/Legal request 

Process different threat reports for value and potential content development, as well as keeping up with the current/relevant threat landscape  

Provide continuous feedback on opportunities to enhance current processes and content, assisting to implement those changes  

Assist with engineering data to enhance analytical capabilities based on structure, enrichments, and linking between other data sets  

Research new capabilities from both open- and closed-source technologies to find opportunities to enhance the Security Operations Center (SOC) ecosystem

Provide documentation for cases and forensic reports  

Maintain current knowledge of relevant technology as assigned  

Assist with metrics, reporting, and other SOC communications  

Process and share information with other FirstEnergy security teams  

Assist or lead projects designated by the SOC team  

Qualifications 

Associate's Degree in Computer Science, Information Security, or similar discipline with a minimum of 5-7 years professional experience in a cyber or related IT function. Bachelor’s Degree preferred

Demonstrable subject matter expert knowledge in multiple major security technology systems or areas is required 

Master level knowledge of relevant work experiences 

Related experience includes but is not limited to: SOC (Security Operations Center) experience, IT Security experience in detection, triage, investigation, and remediation of security incidents within a network 

Demonstrate strong communication skills, both verbal and written  

Demonstrate creative problem solving and solutioning  

Ability to work effectively, independently and within a team environment  

Ability to handle, protect and preserve highly confidential information  

Ability to learn independently and from others  

Ability to find answers effectively using open-sourced information  

Understanding of programming/scripting code (Python, PowerShell, Bash), to interpret its functionality  

Understanding of both Linux and Windows operating systems  

Understanding of networking concepts and technologies  

Understanding of adversarial techniques (i.e., MITRE ATT&CK framework)  

Basic understanding of statistics  

Must be organized and comfortable with ongoing changes in priorities 

Must be able to work independently with minimal supervision 

Category: Analyst Jobs

Tags: Big Data Computer Science Engineering Linux Python Research Security Statistics

Perks/benefits: Career development Team events

Region: North America
Country: United States
