Threat Researcher

MISO•Carmel, IN

7d•$101,000 - $126,000•Onsite

About The Position

If you're a proactive problem solver with a deep understanding of cybersecurity, have a knack for data analysis, and want to help to protect the bulk electric system for 45 million people, we want to hear from you! As MISO’s Threat Researcher , you will identify and mitigate threats and will help MISO maintain its reputation as a reliable, value-creating regional transmission organization. You’ll proactively identify and neutralize potential threats, conduct thorough investigations into security incidents, and stay ahead of emerging cyber threats. You’ll be someone who enjoys digging into the “why” behind alerts, thinking like an attacker, and staying curious about emerging threat techniques. Day to day, you’ll have the opportunity to influence how MISO detects and responds to threats, helping shape tools and processes that protect critical infrastructure. If you’re excited about working in a mission-driven environment where your research directly supports grid reliability and public safety, this role offers meaningful impact and room to grow. Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid. MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future – it’s what our immensely hardworking and dedicated team does every day.

Requirements

At least 4+ years relevant work experience in Cyber Security and a data science/analytics background
Bachelor’s degree in Computer Science, Applied Mathematics, Statistics, Data Science, Security
Proficiency in threat detection tools (e.g., SIEM, EDR, NDR) and familiarity with threat hunting methodologies.
Proficiency with security automation and orchestration (SOAR), threat intelligence platforms, and incident response workflows, including scripting and programming in PowerShell, Python, or Bash, working with APIs and version control (Git), processing large data sets using Power BI and ServiceNow
Knowledge of Microsoft Azure and Entra ID ecosystems including logs, and security products.
ServiceNow experience is a plus

Nice To Haves

GPEN – GIAC Penetration Tester
GCTI – GIAC Cyber Threat Intelligence

Responsibilities

Perform threat hunting and investigation efforts by conducting host and network forensics, log analysis, and malware triage to identify attacker behavior and emerging risks.
Analyze and correlate large volumes of security telemetry and threat intelligence, using analytical techniques to uncover anomalies and develop high-fidelity detections.
Design, implement, and continuously improve layered detection and defense capabilities by integrating multiple log sources into unified data models and correlation strategies.
Perform independent research on adversary tactics, techniques, and procedures (TTPs), translating findings from incident investigations and attack path testing into actionable detection and engineering requirements.
Collaborate closely with SOC, Incident Response, and other teams to operationalize security research, support 24x7 on-call operations, and strengthen MISO’s overall cyber defense posture.