Cyber Security Analyst Location: Phoenix, AZ, US Date: Oct 25, 2024 **Requisition ID** : 17981 **Join us in building a better future for Arizona!** SRP is one of the largest public power and water utilities in the U.S. providing electricity to approximately one million customers in the greater metropolitan Phoenix area. Since its founding in 1903, SRP has fostered a culture of stewardship and customer service consistently ranking as an industry leader in customer service according to J.D. Power and named one of Arizona's best employers by Forbes. SRP continues to adapt to its changing business environment by seeking innovative ways to reimagine utility service and the provision of critical resources essential to the life and economy of Arizona. **Why Work at SRP** At SRP, we foster an inclusive work environment and believe everyone should have a fair chance to work, regardless of who they are. That’s why we value teams with diverse perspectives, experiences, and backgrounds to help SRP deliver on its mission of providing reliable, affordable and sustainable water and power. SRP's success is rooted in our employees' happiness, health, and safety. That's why we offer a comprehensive benefits package to meet the needs of our employees and enhance their well-being. In addition to competitive pay and performance incentives, eligible employees can take advantage of the following benefits: + Pension Plan (at no cost to the employee) + 401(k) plan with employer matching + Available your first day: Medical, vision, dental, and life insurance + Over 200+ hours of PTO (includes vacation days, holidays, floating holidays, and sick leave) + Parental leave (up to 4 weeks) and adoption assistance + Wellness programs (including access to a recreation and fitness facility) + Short and long-term disability plans + Tuition assistance for both undergraduate and graduate programs + 10 Employee Resource Groups for career development, community service, and networking **Summary** The Cyber Security Analyst will work in SRP's Security Operations Center (SOC) which is responsible for detection, response, and remediation of cyber security events across the enterprise. The Analyst will respond to security events, participate in incident response activities, and support tools used by the SOC team. Applicants should have excellent analytical, communication and problem-solving skills. **Please note we are targeting candidates who are new college grads up to 4 years of experience for this role.** **What You'll Do** • Identify, triage, and respond to cyber security events in SRP's corporate and operational environments • Analyze data from multiple sources and tools to discover anomalous and adversarial behavior • Maintain awareness of current threat landscape utilizing threat intelligence from government and industry partners, as well as information security community resources • Develop alerts, reports, and dashboards within the SIEM to facilitate detection and triage • Create playbooks and procedures to support detection and response scenarios • Advise and support implementation of security controls and new defensive capabilities • Analyze malware and suspicious files using static/dynamic techniques including sandboxing • Develop thorough understanding of relationship between IT/OT environments, business value of OT systems, and potential attack vectors in OT environments • Leverage knowledge of SRP's environment to conduct proactive threat hunts • Participate in department on-call rotation to respond to after-hours events **What It Takes To Succeed** Ideal candidates should have 1+ years of experience in an Operational Technology focused role, Security Operations Center or cyber security incident response role, or 3 to 5 years of Information Technology and/or InfoSec experience. The applicant should have a moderate to strong understanding of two or more of the areas listed below and have at least basic knowledge across most areas. • SIEM technologies (Splunk experience a plus) • Windows and Linux architectures, administration, and hardening • Thorough understanding of the TCP/IP network stack, including common protocols and network topologies • Network traffic analysis and packet capture tools (Wireshark, Bro/Zeek, etc) • IDS/IPS technologies • Enterprise antimalware/Endpoint Detection & Response (EDR) platforms • Microsoft Azure/M365 architectures and security features • Incident response and forensic analysis tools and procedures • Vulnerability management and mitigation concepts • Programming or scripting experience (PowerShell, Python, etc) Additional Information • Work schedule is flexible but typically 8x5 during daytime business hours. • Role requires participation in department on-call rotation which involves responding to emergency callout during non-business hours, as needed. • Occasional contacts with vendors of software, equipment, and services. • Occasional travel to industry organizational functions and SRP facilities. • Work with confidential data such as payroll and employee information. • Demonstrated capability to perform advanced and more difficult work as determined by the supervisor. • Is fully competent in all aspects of functional area of assignment and as such would be recognized as a specialist in area of assignment and may have periodic or occasional lead responsibilities. **Experience** Promotion to level 2 requires a minimum of two years of experience at level 1; demonstrated capability to perform advanced and more difficult work as determined by the supervisor. Promotion to senior level requires a minimum of three-years of experience at level 2; is fully competent in all aspects of functional area of assignment and as such would be recognized as a specialist in area of assignment and may have periodic or occasional lead responsibilities. Computer Information Systems, Computer Science, Cyber Security or degree in a similar technical discipline is preferred. Industry security certifications are beneficial but not required. Examples of relevant certifications include CISSP, SANS/GIAC (GSEC, GICSP, GRID, GCIP, GMON, GCIA, GCFA, etc), Security+, CCNA/CCNP Security. **Education** Completion of a Bachelor's Degree from an accredited institution that prepares the employee for the assignment. **Hybrid Workplace** SRP currently offers a hybrid workplace, which allows employees whose jobs can be performed remotely, and who have sufficient technical capability, to telework up to three days per week. Although teleworking is available, all employees must live and work in Arizona. We are taking steps to protect the health and well-being of all team members, and by following a number of health and safety protocols, to reduce the risk of the coronavirus (COVID-19). **Drug/Alcohol Policy Statement** To promote the safety and well-being of our employees, customers, and the communities we serve, SRP is committed to maintaining a drug/alcohol free work environment. Although marijuana may now be legal in Arizona, except as otherwise specified under Arizona law, SRP considers it to be an illegal drug for the purpose of our drug/alcohol policy because marijuana remains illegal at the federal level. Any candidate found to be impaired during the hiring process or who has the presence of an illegal drug or unauthorized substance in their system during the pre-employment drug/alcohol test may be disqualified from further consideration in the hiring process. **Equal Opportunity Employer Statement** Salt River Project (SRP) is committed to equal employment opportunity regardless of race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, disability, genetic information, military status, or any other protected status under applicable federal, state or local law. **Work Authorization** All candidates must be legally authorized to work in the United States. Currently, SRP does not sponsor H1B visas, OPT, or other employment-related visa's. **Nearest Major Market:** Phoenix