Security Analyst - Incident Response

Full Time
Boston, Massachusetts
report a problem
Overview

EnerNOC is Growing Globally!
 Exciting new opportunities in Sales, Engineering, Finance, and more!

The Sr. Information Security Analyst provides security and technical guidance to identify and assist in establishing practices and system configurations that ensure the confidentiality, integrity and availability of information systems assets. Provide guidance to clients and other first responders for the proper handling of Information Security incidents, coordinate efforts of and provide timely updates to multiple business units during response as well as provide recommendations to the units as required. Monitors and audits information systems activities and systems to confirm information security policy compliance and provides management with security policy compliance assessments and system monitoring reports. experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.

Key Responsibilities        

  • Manage personal project work
  • Triage and lead escalated Security events and incident
  • Work independently or among team members to ensure incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process
  • Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
  • Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
  • Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
  • Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment
  • Preserve, harvest, and process electronic data according to company policies and regulatory requirements
  • Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report
  • Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices
  • Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
  • Development and upkeep of standard operating procedures with the insight to know when new ones need to be developed
  • Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
  • Assist intrusion remediation and strategy development and implementation.
  • Recommend effective process changes to enhance defense and response procedures.
  • Coordinate with clients to resolve high or critical severity level incidents.
  • Evaluate, test and select security tools, evaluation products and control products.
  • Assist with annual SOX and SOC assessment and related remediation efforts.

Job Requirements
Qualifications

  • Bachelor’s degree in Information Systems preferred or a related technical field, or strong equivalent work experience in a technical environment.
  • A minimum of 4 -6 years of experience in the field of information security.Strong working knowledge of information systems security standards and practices. Experience with one or more of the following: security monitoring, database security, policy and procedure, Active Directory, cryptography/PKI, application security assessments, risk assessments, security awareness, or related information security subject area.
  • Possession of security certification(s): CISSP (highly preferred), SSCP, Security+, GSEC, MCSE, CISA, or CISM.
  • Must be available on call 24x7x365 and able to quickly respond to problems affecting system security, occasionally requiring work outside normal business hours (i.e. evenings, weekends, or early mornings).

Core Competencies

  • Customer/Quality Focus
  • Passionate about information security
  • Teamwork/Collaboration
  • Self-starter and ability to work independently
  • Exceptional communication skills both written and verbal

ADA Physical/Mental/Workplace Requirements

  • Occasional lifting up to 25 lbs.
  • Sitting, working at desk/personal computer for extended periods of time
  • Primary work environment is professional corporate office
  • Ability to travel both domestically and internationally

 




Share this job:

ENERNOC

Help Reshape the Future of Energy
EnerNOC is a leading provider of cloud-based energy intelligence software (EIS) and services to thousands of enterprise customers and utilities globally. EnerNOC's EIS solutions for enterprise customers improve energy productivity by optimizing how they buy, how much they use, and when they use energy. EIS for enterprise includes budgeting and procurement, utility bill management, facility optimization, visibility and reporting, project tracking, demand management, and demand response. EnerNOC's EIS solutions for utilities help maximize customer engagement and the value of demand-side resources, including demand response and energy efficiency. EnerNOC supports customer success with its world-class professional services team and a Network Operations Center (NOC) staffed 24x7x365. 
Visit ENERNOC's Social Media pages:
Company Industry: Information Technology and Services
Company Type: Public Company
Company Size: 1,001-5000