Security Technical Spec Lead - Staff

About The Position

Requirements

• Bachelor's degree OR Associates degree with 2 years relevant experience in system administration/help desk/security (cyber or physical) OR High School Diploma/GED with 4 years relevant experience in IT system administration/help desk/security (cyber or physical).
• 7 or more years of Information Technology related experience; OR 5 or more years of security related experience, which may include military/government work experience in addition to any experience identified above.
• Bachelor's degree or associate degree with 2 years relevant experience in system administration/help desk/security (cyber or physical) OR High School Diploma/GED with 4 years relevant experience in IT system administration/help desk/security (cyber or physical).
• 10 or more years of Information Technology related experience OR 8 or more years of security related experience, which may include military/government work experience in addition to any experience identified above.

Nice To Haves

• Cybersecurity-specific working knowledge of, or experience with, several of the items from the following list: Endpoint protection software and technologies UNIX/Linux command line operations Windows Active Directory TCP/IP Network infrastructure, including DNS, firewalls, routers, switches and load-balancers Packet capture software (Wireshark, Fiddler, etc.) Scripting / development using Python, PowerShell, Bash, or Perl.
• Strong understanding of application control methodology.
• Knowledge of endpoint troubleshooting skills in Windows and/or Linux environments.
• Knowledge of how traffic flows through networks.
• Experience in operational technology/critical infrastructure, preferably with NERC CIP experience.
• CCIPS, CCS-P, CERT Incident Response Process Professional, CNCT, CISM, CISSP, CREST Certified Host Intrusion Analyst, CREST Certified Malware Reverse Engineer, CREST Registered Technical Security Architect, GCCC, GCDA, GCED, GCFW, GCIA, GCIH, GCIP, GCLD, GCPN, GCTI, GCUX, GCWN, GDAT, GDSA, GFACT, GICSP, GISF, GISP, GLEG, GMON, GOSI, GPCS, GREM, GRID, GSEC, GSLC, GSOM, GXPN, ISA, ISP, ISSAP, MCITP, Microsoft 365 Certified: Enterprise Administrator Expert, Microsoft 365 Security Administration, Microsoft Security, OSCP, OSEE, Vendor specific certifications.

Responsibilities

• Deploy, use, maintain and evolve cybersecurity tools on premise and in the cloud.
• Collect and analyze cybersecurity requirements.
• Create new or refine existing cybersecurity processes.
• Contribute to the resolution of cybersecurity incidents.
• Develop and maintain documentation of cybersecurity systems, projects and/or processes to ensure unified understanding.
• Collaborate with other technology areas and business units.
• Help coordinate some work assignments of lower-level teammates.
• Contribute to the creation of a climate in which people want to do their best.
• Develop and present cybersecurity documents and reports clearly, concisely, and effectively.
• Adjust delivery style to fit target audience.
• Identify, clarify, resolve, and initiate solutions to cybersecurity problems requiring data analysis.
• Formulate questions and seek clarification before applying cybersecurity measures.
• Produce status reports with minimal guidance from higher level teammates.
• Maintain an awareness of time constraints for work activities; make appropriate adjustments when needed.
• Participate in team initiatives and meetings by preparing, making contributions and following through on agreements.
• Participate in activities to ensure AEP is in compliance with laws, regulations and standards such as NERC CIP, SOX, Privacy, and PII.
• Demonstrate the utmost flexibility and capability to switch from one activity to another on short notice.
• Willingness to work overtime for incident response for security events.
• This position may require some work outside of normal hours and being on call.
• Architect, engineer, develop, deploy, and administer XDR \ EDR solutions for the AEP environment.
• Architect, engineer, develop, deploy, and administer endpoint security solutions for the AEP environment.
• Support integration of endpoint tools with existing solutions to enhance visibility of user activity across all of AEP’s services.
• Responsible for architecting, engineering, deploying, and administering the configurations and policies for AEP’s endpoint tools.
• Continually evaluate the effectiveness and efficiency of endpoint solutions and policies as needed to tune configurations to reduce false positive events while improving detection of high quality, quantifiable and measurable risk events while also maintaining optimal system performance and stability.
• Responsible for troubleshooting complex issues on user and server endpoints in a large geographically diverse environment.
• Be a technical leader who can think strategically, has extensive technical knowledge, and can leverage technology, automation, and managed services to scale delivery of capabilities.
• Establish processes and procedures for entry and intermediate level analysts.
• Advise management on tool effectiveness where appropriate.
• Partner with internal stakeholders to implement appropriate configurations, policies, and procedures for endpoint security solutions.

Benefits

• Competitive compensation
• Unique comprehensive benefits package that aims to support and enhance the overall well-being of our employees