Multiple - System Analyst or Senior System Analyst, Cyber Threat Intelligence (CTI) & Vulnerability Management (VM)

Job Info

Sep 16, 2022


Posting Expiration Date: Nov 16, 2022

Schedule Type: Full-Time

Organization: IT Engineering & Operations

Department: Information Security

Section: IT ENG Cyber Security Ops

Location: NY-New York-4 Irving Pl Headquarters

Job Description

Mission Statement

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.

Core Responsibilities

  • Correlate security events to identify threats and implement countermeasures to reduce attack surface
  • Competently implement and continuously perform threat hunts
  • Deep analysis of malware, cyber-attacks, and attack trends
  • Develop assessment strategies with key stakeholders
  • Defines, designs, and implements strategies to protect against emerging threats using security tools
  • Production and delivery of intelligence briefs
  • Support incident response efforts and threat detection capabilities
  • Threat feed assessment, deployment, and tuning
  • Development of collection plans aligned with intelligence requirements
  • Collection and analysis of data from internal and external sources
  • Perform blue and purple team functions while collaborating with the red team
  • Lead vulnerability management incident response efforts and events
  • Continuously build vulnerability management and threat intelligence workflows and processes
  • Provide technical expertise and support to business partners and leadership on cybersecurity threat assessments, development, testing and the implementation
  • Implement & operate applicable information security plans, procedures, and control techniques designed to prevent cyber-attacks & events
  • Create accurate documentation that provides concise explanations and conveys informative descriptions of findings, including technical explanations/walkthroughs, root causes, impact, and remediation/mitigation strategies
  • Continuously learn, improve, and hone your skills to deliver advanced assessments
  • Develop scripts and tools to automate tedious processes and increase efficiency
  • Stay abreast of TTPs, global security incidents, industry trends, advisories, publications, research, talks, and other relevant developments
  • Effectively communicate technical concepts to a non-technical audiences
  • Coordinate with business owners to remediate/mitigate findings and verify changes are effective
  • Represent the company in the industry with research, talks, publications, articles, posts, training, etc.
  • Assist with developing internal methodologies and process improvement for the team, including mentoring and transferring knowledge across team members
  • Collaborate across the organization to build out improvement opportunities
  • For Sr. Systems Analyst (2L) in addition to the responsibilities listed above:
  • Create framework for threat hunts, threat intelligence analysis and vulnerability management IR
  • Implement strategies for attack surface reduction
  • Act as lead and SME for the CTI & Vulnerability Management team
  • Ability to lead incident response efforts across the organization
  • Present to executive level stakeholders
  • Lead overall strategy and build for the new CTI & Vulnerability management team

Required Education/Experience

  • High School Diploma/GED And 5 years of IT experience (1H) Or
  • Associate's Degree And 4 years of IT experience (1H) Or
  • Bachelor's Degree And 2 years of IT experience (1H) Or
  • High School Diploma/GED And 6 years of IT experience (2L) Or
  • Associate's Degree And 5 years of IT experience (2L) Or
  • Bachelor's Degree And 3 years of IT experience (2L)

Required Work Experience

  • At least 1 year in a cybersecurity role Pref

Skills & Ability

  • Articulate and responsive to colleagues And
  • Demonstrated analytical skills And
  • Strong written and verbal communication skills And
  • Strong verbal communication and listening skills

Licenses & Certifications

  • Driver's License Required
  • Other: Security+, Pentest+, CySA+ 1 Year Preferred

Physical Demands

  • Must push, pull, lift up to 25 pounds

Other Physical Demands

  • Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.

Technical Difficulty Statement

Equal Opportunity Employer

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.