CURRENT SAWS EMPLOYEES ONLY Information Security Analyst - Cybersecurity

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Assurance, Information Technology, Computer Science, or related field from an institution accredited by a recognized accrediting agency.
• At least one professional information security certification required (CompTIA Security+, GIAC GPEN or GWAPT, CISSP, CISM, CRISC).
• Valid Class C Texas Driver's License consistent with SAWS Driving Policy.
• Knowledge of network security, security-related systems and applications as well as security protocols and related tools, including tcpdump, Wireshark, Metaspoit, Nessus, Rapid7, Splunk, Sourcefire, Web Application Firewalls, Identify and Access Governance, and Email Threat Prevention.
• Knowledge of SCADA/ICS security controls and best practices.
• Knowledge of Linux/Unix and other open source software to include BIND and Nessus.
• Strong working knowledge of Cisco IOS.
• Ability to communicate clearly and effectively both verbally and in writing.
• Ability to establish and maintain regular contact with internal and external customers and contractor representatives involved with LAN/WAN design, network implementation, and network management.

Nice To Haves

• CEH, GXPN, Pentest+, OSCP, GWAPT
• Programming skills in one or more language (Python, Ruby, Bash, PHP, Perl, Java).
• Experience with Cisco and Palo Alto enterprise grade products.
• Familiarity with network, server, storage virtualization, i.e. MDS switching infrastructure, VSAN, VRF, VPN, and VMWare vSphere.

Responsibilities

• Monitors the information security tools and systems (EDR, IDS, Firewall, VPN, WAF, DLP, SIEM, Web Proxies, Vulnerability Scanners) for the corporate, SCADA/ICS, and cloud computing environments.
• Detects, investigates, and performs recovery from security incidents, and assists with incident response planning.
• Assists with threat and vulnerability risk assessments to determine security requirements and proactively fix security flaws and vulnerabilities.
• Reviews cyber security tickets to ensure that incidents are logged and resolved in a timely basis and within established Service Level Agreements (SLAs).
• Assists in the identification, evaluation, deployment, and optimization of security technologies.
• Works closely with other groups; System Administrators, Network Engineering, Applications, SCADA/I&C and other information system staff to ensure adequate security solutions are in place for all IT systems and platforms to sufficiently mitigate identified risks and meet business objectives.
• Supports information security leadership team in strategic planning and development.
• Maintains awareness of latest security risks, analyzes potential impact of new threats and exploits, and communicates risks to relevant business units.
• Creates reports on security incidents and overall enterprise security status.
• Develops security related procedures and related metrics; reviews and contributes to the improvement and standardization of security systems across all of IT.
• Performs other duties as assigned.