Senior Soc Lead Analyst

Description:

Responsible for ensuring the safety of technology platforms inclusive of workstations, server systems, networks, applications, databases and electronic information, and to protect the systems from security violations, access or destruction. Assists with implementing Information Technology security policies covering protocols, applications, networks, client and server systems, personnel and other risk management mechanisms.

Key Roles & Responsibilities

Directly or through others, the incumbent will:

Actively monitor and investigate in real-time the organization’s networks, systems, applications, and databases to protect Oncor internal partners and our external customers from security violations, access, or destruction

Perform Cybersecurity investigations – Cyber Security Incident Response Plan (CSIRP) and make recommendations to management on findings and solutions

Reporting of identified metrics, threats, relevant trends, and other topics as requested by the Chief Digital Officer, Chief Information Officer, Information Security Officer

Actively engage and collaborate with other groups within the Digital Grid Management (DGM) team and internal partners

Act as an escalation point for security analysts and be able to assist in problem-solving by providing cybersecurity expertise and knowledge of corporate technology environment

Train new and existing SOC analysts to utilize the Client's security tools necessary to perform analyst duties

Guide and mentor SOC analyst to develop knowledge and understanding of security threats, trends, and intelligence

Coordinating with Manager for high priority incidents

Ensure the Director of Cybersecurity and CIO is apprised of technical and regulatory changes in the security landscape

A change agent to adapt and drive change throughout the organization

Strong interpersonal skills, a positive attitude, and the ability to thrive in a fast-paced environment

Self-motivated, results-oriented with a passion to deliver above par results in a proactive manner

Perform all essential aspects and functions of the job as well as any other specific job requirements as assigned

Education, Experience, & Skill Requirements

High School diploma, GED and relevant work experience is required; Bachelor’s Degree in Information Technology, Computer Science, Cybersecurity or other related field is preferred

5 years cybersecurity monitoring experience required

Proven analytical, problem solving, and research skills

Understanding of network concepts, protocols, services and operating systems

Experience with SIEM, email security, IPS, web security, application whitelisting, EDR, SOAR, and anomaly detection tools required

Ability to obtain certifications in industry specific and technical fields, such as NERC-CIP and CompTIA Security +

Willingness to work a flexible schedule, such as shift work (including rotating shifts), days, nights, weekends and holidays as necessary

Advanced verbal and written communication skills

Ability to work in an open and collaborative environment