
Job Details

FirstEnergy Corporation

Cyber Security Operations Analyst


Security Operations


Akron, Ohio, United States

FirstEnergy at a Glance

We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers' lives brighter, the environment better and our communities stronger. FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.

About the Opportunity

This position is within FirstEnergy Service Co., a subsidiary of FirstEnergy Corp. [SC00]

This position's base reporting location is in Wadsworth Township, Ohio with significant flexible work location opportunities.

This position is within FirstEnergy's IT Security Operations and reports to the Manager of Transmission Security Operations Center (TSOC). The IT Security Analyst position supports security information, incident response, forensics, threat intelligence, and event monitoring functions utilizing FirstEnergy's Security Information and Event Management (SIEM) tool, open-sourced tools, forensic tools, threat intelligence platform (TIP), Security Orchestration, Automation and Response (SOAR) platform, and big data solutions.

This role focuses primarily on monitoring the events and logs from FirstEnergy's Information Technology, Cyber Security and Physical Security data feeds and building out analytics based on adversarial behaviors. If activity is picked up through monitoring processes, this role requires the technical expertise to investigate the scenario appropriately. The ability to work independently as well as within groups is essential to this role. Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.

Responsibilities Include

- Perform daily monitoring and investigative activities while on shift, either days or nights
- Assist with processing cases that require forensics to validate findings, produce threat intelligence, or fulfill an HR/Legal request
- Process different threat reports for value and potential content development, as well as keeping up with the current/relevant threat landscape
- Provide continuous feedback on opportunities to enhance current processes and content, assisting to implement those changes
- Assist with engineering data to enhance analytical capabilities based on structure, enrichments, and linking between other data sets
- Research new capabilities from both open and closed sourced technologies to find opportunities to enhance the Security Operation Center (SOC) ecosystem
- Provide documentation for cases and forensic reports
- Maintain current knowledge of relevant technology as assigned
- Assist with metrics, reporting, and other SOC communications
- Process and share information with other FirstEnergy security teams
- Assist or lead projects designated by the SOC team

Qualifications

- Associate's Degree in Computer Science, Information Security, or similar discipline is preferred with 0 to 2 years' experience. Bachelor's Degree preferred
- An Associate degree in another field with 2 years' relevant industry experience in cyber/information security will be considered.
- In lieu of a degree, 2 years of related experience is required
- Related experience includes but is not limited to: SOC (Security Operations Center) experience, IT Security experience in detection, triage, investigation, and remediation of security incidents within a network
- Demonstrate strong communication skills, both verbal and written
- Demonstrate creative problem solving and solutioning
- Ability to work effectively, independently and within a team environment
- Ability to handle, protect and preserve highly confidential information
- Ability to learn independently and from others
- Ability to find answers effectively using open-sourced information
- Understanding of programming/scripting code (Python, PowerShell, Bash), to interpret its functionality
- Understanding of both Linux and Windows operating systems
- Understanding of networking concepts and technologies
- Understanding of adversarial techniques (i.e., MITRE ATT&CK framework)
- Basic understanding of statistics
- Must be organized and comfortable with ongoing changes in priorities
- Must be able to work independently with minimal supervision

Level Requirements

II
- Qualifications at Level II include all the above, plus a minimum of 2 years professional experience in a cyber or related IT function
- Working knowledge of relevant work experiences

III
- Qualifications at Level III include all the above, plus a minimum of 2-4 years professional experience in a cyber or related IT function
- Demonstrable subject matter expert knowledge in at least one major security technology system or area is required
- In-depth knowledge of relevant work experience

IV
- Qualifications at Level IV include all the above, plus a minimum of 5 years professional-level experience required. Experience and subject matter expert knowledge in at least one major cyber security discipline required
- Demonstrable subject matter expert knowledge in multiple major security technology systems or areas is required.
- Expert level knowledge of relevant work experience

V
- Qualifications at Level V include all the above, plus a minimum of 5-7 years professional experience in a cyber or related IT function
- Demonstrable subject matter expert knowledge in multiple major security technology systems or areas is required
- Master level knowledge of relevant work experiences

Benefits, Compensation & Workforce Diversity

At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy, which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at to learn more about all of our employee rewards programs.

FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.

Safety

Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.