What are the responsibilities and job description for the Intelligence and Risk Analyst position at MidAmerican Energy?
Primary Job Duties and Responsibilities (Essential Job Function)
Provides consultation to the BHE Chief Security Officer (CSO) and other security leaders regarding emerging national and global physical and cyber security threats. Provides direction on security requirements for technology-related projects and performs advanced security analytics to aid in detecting and mitigating threats using internally and externally sourced information.
Typical Duties
Support Chief Security Officer organization as a security analyst and subject matter expert to develop analytic data to inform decision making, both quantitative and qualitative. Support cross-sector and industry security collaboration and industry-government security efforts under the direction of management. (30%)
Coordinate and collaborate with Information Technology (IT) and Operational Technology (OT) organizations in response to classified and unclassified physical and cyber threat reporting. This duty does not require a complete understanding of BHE security practices, but an ability to understand and apply security concepts to potentially impacted systems. Also, a full understanding of physical and cyber security issues that may be pertinent to BHE interests is key to success. (30%)
Produce regular, topical information security intelligence and mitigation information in an actionable format. Familiarity with modern Threat Intelligence Platforms (TIP), Security Incident and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) concepts and software. (20%)
Maintain an ability to quickly gain an understanding of electronic security perimeters to ensure adequate defense-in-depth design across enterprise systems. Maintain a basic understanding of common industrial control system (ICS) technologies, the relationship between IT and OT, and related security controls and issues. (10%)
Assist in complex IT/OT and physical investigations or assessment activities as needed. (5%)
Provide timely and accurate cross-platform support in response to emergent cyber, physical, and geopolitical security threats that may impact BHE. (5-10%)
Performs any additional responsibilities as requested or assigned. (0-5%)
Qualifications
Bachelor's degree in information/cyber security, computer science, information technology, threat intelligence or related field or equivalent work experience. (Typically, six years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a bachelor's degree.)
The successful candidate must have at least five years of experience in network security monitoring and analysis, cyber threat intelligence, cyber incident response, or related experience.
Advanced knowledge of security principles is desired through achievement of advanced security certification, such as CISSP, GSEC, GCTI, GCIH, OSCP, or similar.
Experience in intelligence management, security technologies and corporate security topics preferred.
Data management skills with experience in at least one programming language, such as PERL.
Experience in detecting anomalous behavior through commonly used protocols and toolsets, such as SNORT or YARA.
Knowledge of information technology and operational technology terms, equipment, systems, functions and major vendors.
Excellent oral and written communication skills, including presentation skills. Effective interpersonal skills and customer relationship skills.
Effective analytical, problem-solving and decision-making skills.
Project management skills with an ability to prioritize and handle multiple tasks and projects concurrently.
Employees must be able to perform the essential functions of the position with or without an accommodation.
Ability to obtain and maintain a government security clearance of at least Secret classification, Top Secret preferred.