iSOC Analyst

At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams. Apply here to start an extraordinary career today.

Job Description - iSOC Security Analyst

Job Purpose

The iSOC Security Analyst position directly supports the AES Infrastructure Security organization for all ongoing activities that serve to provide appropriate access to, and protect the confidentiality, integrity and availability of employee and business information in compliance with organizational policies, procedures and regulatory requirements including North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Security Standards.

This position is responsible for monitoring and processing alarm (cyber & physical) events, intrusion system alerts, threat intelligence systems, and communications requests within the Security Operations Center. The position requires working an 8-hour or 10-hour rotating shift that may include weekends and holidays.

Primary Duties and Responsibilities

The primary duties of the Security Analyst are to support compliance activities by monitoring facility access and initiate alarm procedures, monitor multiple camera systems for activity and events, and process phone calls and email requests for events incoming from multiple company facilities. Responsibilities include initiating notification system alerts for designated facilities, performing logical investigations for company assets and personnel, overseeing visitor managements procedures and activities at secure locations, performing physical access control log monitoring, performing NERC CIP cyber access monitoring and executing alert procedures. The analyst will utilize security software systems to monitor cyber security threats and perform primary cyber security system or forensic analysis related to NERC CIP environments. Security Analysts will also create and process security badge requests, create summary reports, activity reports, incident reports, and verify event threshold processing activities.

The Security Analyst will monitor the real-time intelligence system, carry out event analysis and escalate threat detection responses according to internal incident response procedures. The ability to prepare, maintain, and follow procedures for logging, reporting, and monitoring of security and regulatory operations is crucial to the position.

Additional duties and responsibilities include coordinating incident handling, process phone calls and email requests for events, perform cyber and physical access control log monitoring to include firewall logs, IPS logs, anti-virus logs, web logs, and SIEM logs.

The candidate must be able to communicate effectively with internal and external customers, responds to requests for supporting information, and perform other duties as assigned.

This position is a NERC regulated position. As such, the incumbent is required to maintain an active DHS Transportation Workers Identification Credential (TWIC). Additionally, the incumbent will be required to complete annual NERC and other compliance training and participate in the Incident Response Team (IRT).

Qualifications

This position will require excellent problem solving and decision-making skills, the ability to work with minimal supervision, and the ability to perform duties effectively under emergency situations. Primary qualifications include:

• 2-5 years of security or computer experience, to include systems administration or network experience.
• Experience in Microsoft Active Directory, DNS, system architecture, storage solutions, virtual machine or other Information Technology related experience is desired.
• Cyber and physical alarm system event processing, dispatch operations, emergency notification systems, computer operations, camera system monitoring, or alert analysis experience.
• Meet the internal on-the-job training expectations and successfully test against SOC systems within twelve months.
• Interpret technical manuals, write procedures and guideline documentation. Have strong report writing skills.
• Communicate as a native English speaker.
• Certification(s) in Security related fields is desired; ASIS APP, PSP or CPP, CompTIA, E/CH, CISSP, CISA or SANS, or technical certification in Cisco, Microsoft, Linux or Unix.

Preferred:

An ideal candidate will have two or more years' experience in the Energy or Utility industry, experience supporting a 24 x 7 real time operations environment, experience supporting systems subject to regulatory compliance requirements, or experience with FERC, NERC, RFC, or PJM.

AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion. Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work. All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and/or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law. E-Verify Notice: AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

Safety comes first at AES. To protect the health and safety of our people, customers, communities and partners, and to provide and maintain a workplace that is free of known hazards, AES requires all newly-hired people or current AES people applying for U.S.-based role(s), to be fully vaccinated against COVID-19 or be willing to be fully vaccinated against COVID-19 by their date of hire. Except where prohibited by law or not specifically covered in a collective bargaining agreement, new hires and transfers will be required to provide proof of vaccination during onboarding and periodically thereafter. This policy will comply with all applicable laws and is based on guidance from the Centers for Disease Control and Prevention and local health authorities, as applicable.