The Cyber Defense Analyst will act on Information Security incidents and provide remediation actions as required. This position will also perform Threat Hunting activities looking for malicious activity in the network.

To accomplish these tasks, the candidate must have a strong understanding of computer systems, cyber-attack methods/tools, and underlying principles of networking, infrastructure, and system integration. In addition, provides technical expertise to key Security tools and software. This includes requirements in the planning, coordination, programming, and implementation of releases, upgrades or changes to security system software and hardware.

Essential Functions:

• Develop content for cyber defense tools.
• Performs Incident Response functions for the SOC team to ensure incidents are handled appropriately to minimize risk and impact to the company.
• Analyzes and processes case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
• Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring flexibility and responsiveness
• Performs threat hunting activities in various security systems looking for malicious activity which may go undetected by other means.
• The ability apply limit cyber threat intelligence to known adversarial TTPs to predict or anticipate behaviors
• Develops monitoring rules and alerts for identifying cyber security incidents
• Assists in security incident handling to ensure timely mitigation and remediation efforts are completed
• Produces high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
• Must be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
• Assess vulnerabilities through scans and penetration testing techniques with tools such as Nmap, Nessus, KaliLinux.

Required Skills Education and Experience:

Minimum of 3 years of experience in the field of information security

Bachelor’s degree in Information Systems or related technical discipline is required

• Knowledge of common network tools (e.g., ping, traceroute, nslookup) and interpret the information results.
• Strong working knowledge of information systems security standards and practices
• Ability to write scripts in at least one language (Python & PowerShell Preferred)
• Knowledge of the common attack vectors on the various OSI layers
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored]).
• Knowledge of basic system administration, network, and operating system hardening techniques.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), andtools.
• SIEM Platforms
• Endpoint Detection & Response technologies
• Active Directory
• Ethical Hacking & Penetration Testing Methodologies

Licenses & Certifications from one of the following organizations:

• SANS/GIAC
• EC-Council
• ISC2

Compensation and Benefits

Eversource offers a competitive total rewards program. The salary range for this position starts at $86,160.00 and the market rate is $95,720.00, plus incentive. Salary is commensurate with your experience. Check out the career site for an overview of our benefits.

Working Conditions:

• Must be available to work emergency restoration assignment as required.
• Must be available to travel between MA/CT/NH as necessary.
• Must be able to work off hours as required by cyber incidents

#corpajd

Worker Type:

Regular

Number of Openings:

1

EEO Statement

Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.

VEVRRA Federal Contractor

Emergency Response:

Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.