We are hiring a Senior Security Analyst - Cyber Security for our Enterprise Security Services (ESS) department to be based out of Denver, CO. The Senior Analyst will report within the Cyber Operations and Monitoring team, which will work closely with the Enterprise Vulnerability Management (EVM) team. The Cyber Operations and Monitoring & EVM teams will work closely together to find possible vulnerabilities, investigate, determine threat level, and mitigate risks through monitoring, incident response, and network traffic analysis. A strong background in SIEM, ePO, and/or incident response is required of the successful applicant.
The ESS team is responsible for all aspects of security within Xcel Energy including Cyber, Physical, Enterprise Continuity and our Governance and Risk services. This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in. Come join the high-energy team in building a best-in-class example of security related service offerings.
Responsible for providing cyber security guidance, identification, evaluation, design, development, implementation and integration of cyber security solutions, products and services. Provide expertise and execution in the day-to-day operations of all cyber security solutions, technology and procedures including vulnerability management, penetration testing, perimeter management and testing including rogue wireless detection, cyber forensic investigations, and overall security technology and solutions management. Ensure all regulatory, contractual and internal security requirements are met in relation to the day-to-day operations and use of cyber security solutions, technology and procedures. Execute assigned tasks as part of an on-call rotation.
- Monitor and respond to security events escalated by Level 1& 2 security analysts and respond appropriately to protect Xcel Energy information and assets
- Utilize endpoint products to identify malicious activity on the network
- Review daily and weekly reports generated by Level 1 & 2 security analysts for actionable tasks for the Monitoring team
- Manage and operate all security solutions and technology used in cyber security to provide protection and regulatory compliance.
- Perform Cyber Security Audits and Penetration Tests as well as mitigation of Cyber Security Vulnerabilities.
- Provide cyber security support to business and technical teams in the design of standardized products and customized solutions. Must be flexible to continuously changing demands and technologies and have the ability to maintain a library of security tools used as part of this function.
- Develop and maintain a working relationship with 3rd Party service providers responsible for providing technology consulting. Work with business unit executives and service providers to introduce required Cyber Security functionalities into the environment.
- Perform Cyber Investigations and maintain forensic evidence as needed.
- Provide guidance and training to internal staff including project managers, other Xcel Energy technical areas as well as customers and trade allies on cyber security issues and requirements.
- Provide all assigned responsibilities as part of an on-call rotation.
- Bachelor's degree (preferably with a concentration in Computer Science, Technology, Information Security, Information Systems or Engineering) or the equivalent combination of education, training and professional experience.
- 5+ years of experience working in Security or a related discipline.
- Strong background in SIEM, ePO, and/or incident response.
- Demonstrated verbal/written communication and presentation skills.
- Demonstrated ability to effectively communicate information and recommendations to management.
- Demonstrated leadership skills.
- Proven problem solving and business risk analysis skills.
- Ability to excel in a team environment.
- Strong investigative, conflict resolution and negotiation skills.
- Must possess a broad knowledge relating to I/T infrastructures and have in-depth and up-to-date experience with multiple operating systems and desk side integration.