Senior Cyber Defense Analyst

Check out this video and find out why our team loves to work here! (https://www.youtube.com/watch?v=fHmr45H8xZE)
The Senior Cyber Defense Analyst will act as the primary lead for proper handling of Information Security incidents and provide remediation actions as required. This position will also perform Threat Hunting activities looking for malicious activity in the network. To accomplish these tasks, the candidate must have a strong understanding of computer systems, cyber-attack methods/tools, and underlying principles of networking, infrastructure, and system integration. In addition, provides technical expertise to key Security tools and software. This includes requirements in the planning, coordination, programming, and implementation of releases, upgrades or changes to security system software and hardware. Essential Functions: - Develop content for cyber defense tools. - Performs Incident Response functions for the SOC team to ensure incidents are handled appropriately to minimize risk and impact to the company. - Analyzes and processes case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations - Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring flexibility and responsiveness - Performs threat hunting activities in various security systems looking for malicious activity which may go undetected by other means. - The ability apply limit cyber threat intelligence to known adversarial TTPs to predict or anticipate behaviors - Develops monitoring rules and alerts for identifying cyber security incidents - Assists in security incident handling to ensure timely mitigation and remediation efforts are completed - Produces high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management - Must be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy. - Assess vulnerabilities through scans and penetration testing techniques with tools such as Nmap, Nessus, Kali Linux. Required Skills Education and Experience: Minimum of 6 years of experience in the field of information security Bachelor's degree in Information Systems or related technical discipline is required - Knowledge of common network tools (e.g., ping, traceroute, nslookup) and interpret the information results. - Strong working knowledge of information systems security standards and practices - Ability to write scripts in at least one language (Python & PowerShell Preferred) - Knowledge of the common attack vectors on the various OSI layers - Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution). - Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored]). - Knowledge of basic system administration, network, and operating system hardening techniques. - Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). - Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. - SIEM Platforms - Endpoint Detection & Response technologies - Active Directory - Ethical Hacking & Penetration Testing Methodologies Licenses & Certifications from one of the following organizations: - SANS/GIAC - EC-Council - ISC2 Working Conditions: - Must be available to work emergency restoration assignment as required. - Must be available to travel between MA/CT/NH as necessary. - Must be able to work off hours as required by cyber incidents #corpajd Worker Type: Regular Number of Openings: 1 EEO Statement Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status. VEVRRA Federal Contractor Vaccination Information: Eversource requires all new employees to be fully vaccinated for COVID-19 by their first day of employment. If you have any concerns regarding compliance with this requirement, you will need to discuss your concerns with Eversource's HR department after you have been made a conditional offer of employment. Eversource does not require applicants to discuss vaccination status prior to receipt of a conditional offer of employment and complies with all applicable laws. Emergency Response: Responding to emergency situations to meet customers' needs is part of every employee's role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.