April 27, 2024
Electric Energy Jobs

Analyst - ISOC, Infrastructure Security

Organization: AES Corporation
Region: Canada, Ohio, Multiple Locations
End of contest: June 23, 2024
Type: Full time
Category: Analyst

Description

The Analyst-ISOC, Infrastructure Security position directly supports the AES Infrastructure Security organization for all ongoing activities that serve to provide access to and protect the confidentiality, integrity, and availability of employee and business information. This follows compliance with organizational policies and procedures along with regulatory requirements including the North American Electric Reliability Corporation (NERC) and Critical Infrastructure Protection (CIP) Security Standards.

This position is responsible for monitoring and processing alarm events (cyber & physical), intrusion system alerts, threat intelligence systems, and communications requests within the Security Operations Center. The position requires working an 8-hour or 10-hour rotating shift that may include day, middle, late, weekends, and holidays.

Primary Duties and Responsibilities

The primary duties of Analyst-ISOC, Infrastructure Security are:

  • Support compliance activities by monitoring facility access and initiating alarm procedures.
  • Monitor multiple camera systems for activity and events, and process phone calls and email requests for events incoming from multiple company facilities.

Responsibilities include:

  • Initiating notification system alerts for designated facilities.
  • Performing logical investigations for company assets and personnel.
  • Overseeing visitor management procedures and activities at secure locations.
  • Performing physical access control log monitoring.
  • Performing NERC CIP cyber access monitoring and executing alert procedures.
  • Utilizing security software systems to monitor cyber security threats and perform investigations or forensic analysis related to NERC CIP environments.
  • Performing cyber and physical access control log monitoring, including firewall logs, IPS logs, anti-virus logs, weblogs, and SIEM logs.

Security Analysts will also:

  • Create and process security badge requests.
  • Build summary reports, activity reports, and incident reports.
  • Verify event threshold processing activities.

The Security Analyst will supervise the real-time intelligence system, carry out event analysis, and escalate threat detection responses according to internal incident response procedures. The ability to prepare, maintain, and follow procedures for logging, reporting, and monitoring of security and regulatory operations is critical to this position.

The candidate must be able to communicate optimally with internal and external customers, respond to requests for supporting information, and perform other duties as assigned.

This position is a NERC-regulated position. As such, the incumbent is required to maintain an active DHS Transportation Workers Identification Credential (TWIC). Additionally, the incumbent will be required to complete annual NERC and other compliance training and participate in the Incident Response Team (IRT).

Qualifications

This position will require excellent problem-solving and decision-making skills, the ability to work with minimal supervision, and the ability to perform duties optimally in emergencies. Primary qualifications include:

  • 2-5 years of security or computer experience, including systems administration or network experience.

  • Experience in Microsoft Active Directory, DNS, system architecture, storage solutions, virtual machines, or other Information Technology related experience is desired.

  • Cyber and physical alarm system event processing, dispatch operations, emergency notification systems, computer operations, camera system monitoring, or alert analysis experience.

  • Meet the internal on-the-job training expectations and successfully test against ISOC systems within twelve months.

  • Interpret technical manuals and write procedures and guideline documentation.

  • Strong report-writing skills.

  • Communicate as a native English speaker.

  • Certification(s) in security-related fields are desired: ASIS APP, PSP or CPP, CompTIA, E/CH, CISSP, CISA or SANS, or technical certification in Cisco, Microsoft, Linux, or Unix.

Contact

AES Corporation
4300 Wilson Blvd
Arlington, Virginia, United States
www.aes.com