Cyber Security Operation Center Analyst #21-60718

Full-time
San Diego Gas & Electric
Description

SDG&E is an innovative San Diego-based energy company that provides clean, safe and reliable energy to better the lives of the people it serves in San Diego and southern Orange counties. The company is committed to creating a sustainable future by providing its electricity from renewable sources; modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and, investing in innovative technologies to ensure the reliable operation of the region’s infrastructure for generations to come. SDG&E is a subsidiary of Sempra Energy (NYSE: SRE).

Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.

Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.

For more information, visit SDGEnews.com or connect with SDG&E on Twitter (@SDGE), Instagram (@SDGE) and Facebook.

Primary Purpose:

As part of the Security Operations Center team, the SOC analyst provides initial support for resolving information security incidents. Obtains information, troubleshoots, documents, and escalates as appropriate.

Duties and Responsibilities:

  • Answer the Security Hotline, Security Mailbox, and SOC ticket queue. Monitor and assess various security events using various SOC tools. Perform log analysis to identify anomalies and risk. Work to resolve lower-severity incidents, and perform initial triage for more complex and high-severity incidents. Perform searches using manual & automated methods for additional context and historical information. Document and communicate incident details in a clear and timely manner. Submit various data samples to vendors and in-house/external tools. Assess endpoints for ongoing risk and determine if systems should be reimaged.
  • Coordinate phone bridge communications for Computer Incident Response Team (CIRT) activities. Coordinate communications with subject matter experts (SMEs), Teams, etc. Assist in acquisition of remote computer forensic evidence for Computer Incident Response Team (CIRT) and computer forensic team according to formal evidence acquisition process. Assist Incident Response Team and Forensic Investigation support, and complete Incident Management Cases, including working with and reporting to external agencies.
  • Ensure compliance with policies and procedures in the Security Operations Center. Ensure Compliance with company security policies and standards. Produce reports and metrics. Produce, update, and maintain SOC process and procedure documentation, incorporating feedback from relevant stakeholders. Assist with regular evaluation of SOC policies and procedures; recommend improvements.
  • Perform other duties as assigned (no more than 5% of duties).
Qualifications

Required Qualifications: 

  • H.S. Diploma/GED or equivalent training and/or experience. Technical/Vocational Coursework in Computer Science, security operations, information systems, related field or equivalent industry experience.
  • 2-4 years of experience working in a Security Operations Center (SOC), Network Operations Center (NOC) or similar.
  • Security certification such as CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, CCNA or SSCP.
  • Experience with Anti-Virus, Active Directory, Intrusion Detection Systems, Firewalls, Vulnerability Assessment tools, log & packet analysis tools, and other toolsets found in large network environments.
  • Experience in a high-stress environment, such as a fast-paced call center, helpdesk or other employee facing service that is high volume.
  • Ability to maintain common situational awareness on security-related issues, threats & risks.

Preferred Qualifications: 

  • Bachelor’s Degree in Computer Science, Engineering, related discipline or equivalent experience.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.