Cyber Security Operations Analyst

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.)

DUTIES AND RESPONSIBILITIES

The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary.

1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action.

2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies.

3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team.

4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking.

5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting.

6. Assists with internal and external audits by collecting necessary documentation and evidence.

7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles.

8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs.

9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance.

10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists.

11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions.

12. Participates in a scheduled on-call rotation for after-hours and weekend security support.

REQUIREMENTS

* Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress).

Knowledge, Skills and Abilities

* Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company.

* Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements.

* Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration.

* Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools.

* Knowledge of TSA security requirements and regulations.

* Knowledge of identity management processes and procedures.

* Skill in project management.

* Ability to manage, track and analyze information.

* Ability to effectively work and cooperate with supervisors, co-workers, and vendors.

* Ability to follow corporate policies and the directions of supervisors.

* Ability to refrain from causing or contributing to the disruption of the workplace.