Job Description :
DirectClient: Lower Colorado River Authority(LCRA)
Solicitation#LCRA11429/LCRA11428
Title: Cybersecurity Analyst
Location: Austin, Texas 78703
Duration: 12 Months with possible extension
Last date for submission: February 21, 2019 (2.00 PM-CST)
No of Positions: 2(1-5 Years Security, 1-2 Years Security Experience)
Job Description:
The selected candidate for the Cybersecurity Analyst II position evaluates and responds to alerts from a variety of cyber security monitoring and response tools. The worker provides support to the business community and ensures they have protection from malicious software and other cyber threats. The worker evaluates and recommends security controls to remediate and mitigate risk. The worker provides reports and other information related to cybersecurity issues as requested by management and other groups. The worker performs evaluation and analysis of security applications and systems and makes recommendations to management. This position utilizes knowledge and experience in own discipline but is still building higher-level knowledge and skills. This position receives a moderate level of guidance and direction from supervisor, manager and/or more experienced colleagues.
Duties for this position include:
Monitors and coordinates findings with appropriate SMEs for database monitoring alerts.
Participates in risk assessments and recommends security measures.
Monitors cybersecurity systems for possible intrusion.
Interacts with end users concerning malware, spam, vulnerabilities and any other cybersecurity issues.
Reviews and creates audit reports on user and system activities.
Reviews system generated logs for anomalies and takes appropriate actions.
Actively probes the network for new threats and risks.
Documents, deploys, reviews and maintains cybersecurity policies, standards, guidelines and procedures.
Monitors security alerts on internet and other intelligence feeds and determines whether reported threats could impact LCRA technology or operational systems.
Implements and administers technical security systems including SIEM, VAT, network IDS, antivirus, web and email filters, and firewalls.
Performs cybersecurity incident response activities.
Documents and maintains objective evidence to demonstrate NERC CIP regulatory compliance.
Performs work by traveling independently or with a small team to various locations (substations, power plants, water systems, etc as scheduled.
The worker should have experience in threat identification, detection, and security event analysis.
Other Special Requirements: All entities replying to this request must be able pass an LCRA background check. In addition, all entities must sign a Confidentiality Agreement for any and all data not available to the general public as a condition of employment.
Terms and Conditions: This position is subject to funding.
WORKER SKILLS AND QUALIFICATIONS
Minimum Requirements:
Years Skills/Experience
5 Cybersecurity event triage and analysis
5 Threat detection
5 Experience working in a security operations role responsible for analyzing security events to determine if a cybersecurity incident may have occurred.
5 Skill in analyzing significant volumes of detailed information and understanding the security implications
5 Experience administering and responding to database monitoring tools and alerts
Preferences:
Years Skills/Experience
CISSP, GIAC, or similar certification
intermediate Knowledge of anti-virus and anti-spam technologies
intermediate Knowledge of technology hardware and software platforms and systems
intermediate Skill in analytical and technical documentation
intermediate Skill in verbal and written communication
intermediate Skill in articulating complex, technical information to both technical and non-technical audiences
intermediate Skill in understanding complex systems across diverse technical platforms
intermediate Skill level in anti-virus, anti-spam, secure content, network security and web filtering software
intermediate Ability to balance and manage competing high priority work demands
intermediate Ability to work in a team environment
intermediate Ability to conduct sensitive security investigations and maintain confidentiality
intermediate Skill in database security monitoring and response process