Security Operations and Threat Response Sr. Analyst
Overland Park, KS, US
Black & Veatch
Together, we own our company, our future, and our shared success.
As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.
Company : Black & Veatch Corporation
Req Id : 106123
Opportunity Type : Staff
Relocation eligible : No
Full time/Part time : Full-Time
Project Only Hire : No
Visa Sponsorship Available: No
Why Black and Veatch
Recognized by Glassdoor as a 2023 Top 100 place to work and winner of the Newsweek’s 2023 America’s Greatest Workplaces for Diversity, Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. Our hybrid environment allows you to balance your work and personal life.
At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.
The Team
As part of BV Business Enablement, you will be part of the critical and forward-thinking group that enables our people, projects, and businesses to be as successful as possible by providing creative solutions. Functions in this group include CIO/Global Information Technology, Diode, ESH&S, Finance, Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services.
The Opportunity
In this role, the Security Operations and Threat Response Sr. Analyst will support the Cyber Defense and Operations (CDO) programs with focus on Vulnerability Management (VM), Incident Response, Threat Hunting, and cybersecurity assessment activities. In this role, the candidate will be responsible for monitoring, analyzing, and maintaining the security and integrity of networks and applications by ensuring system controls are properly deployed while adhering to security standards and industry best practices. The Information Security Analyst will have knowledge and experience with vulnerability detection solutions and remediation strategies, security operations, and risk management concepts.
Key Responsibilities
- Responsible for the effective detection and reporting of vulnerability detection and reporting across all platforms including on-prem and cloud environments.
- Document and maintain standards and procedures related to Vulnerability Management (VM).
- Strategically prioritize vulnerabilities while coordinating closely with the execution teams responsible for remediation.
- Oversight and governance over the coverage and quality of the solutions used to measure vulnerabilities, risk, and compliance with vulnerability management requirements.
- Generate technical and executive metrics for visibility and continuous improvement for the Vulnerability Management (VM) Program.
- Lead and support day-to-day operation and response to security alerts, alert triage, and escalation from SIEM, EDR, email & web security, CSPM, and network security devices.
- Document and maintain IR procedures related to Security Operations Center (SOC) and Incident Response & Operations.
- Generate technical and executive metrics for visibility and continuous improvement for the Security Operations Center (SOC) and Incident Response & Operations Programs.
- Coordinate and lead threat hunting and assessment exercises for proactive detection and remediation.
- Improve security posture by continuously identifying threats and exposures to stay ahead of threat actors; determine the root causes of security incidents and recommend the plan of action to improve the security posture.
- Monitor trending TTP's and IOC’s to prepare and respond to incidents.
- Maintain up-to-date knowledge of emerging threats and vulnerabilities.
- Perform other duties as assigned.
Preferred Qualifications
- Bachelor’s degree in information security or information Technology or or equivalent work experience
- Minimum 7 years of Information Security experience with a focus on Vulnerability Management, Incident Response and Threat Management
- Must have 5 years of experience in vulnerability management in mid-size or large organizations.
- One or more certifications such as CISSP, GCIA, GCIH, CEH
- Strong understanding of current threats and trends present in the cybersecurity and OT field.
- Knowledge of security and privacy frameworks such as Cyber Kill Chain, MITRE, NIST, ITIL, SANS, NERC CIP, CIS, CMMC, OWASP, etc.
- Excellent verbal communication, and interpersonal skills to document and communicate findings, escalate critical findings to stakeholders.
- Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit.
- Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment.
- Ability to adjust quickly to shifting priorities, and decision-making skills with limited information.
- Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude.
Minimum Qualifications
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Work Environment/Physical Demands
Typical office environment. This position is a hybrid role, which will require at least 3 days on site.
Competencies
Decision qualityCustomer focusSalary Plan
ITS: Information Technology ServiceJob Grade
006Black & Veatch endeavors to make www.bv.com/careers accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at +1-913-359-1622 or via our accommodations request form. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.
Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.
Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.
We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.
By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.
Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
For our EEO Policy Statement, please click here. If you’d like more information on your EEO rights under the law, please click here and here.
Notice to External Search Firms: Black & Veatch does not accept unsolicited resumes and will not be obligated to pay a placement fee for unsolicited resumes. Black & Veatch Talent Acquisition engages with search firms directly for hiring needs.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CEH CISSP Cloud CMMC Compliance CSPM Cyber defense Cyber Kill Chain EDR Finance GCIA GCIH Governance Incident response ITIL Monitoring NERC CIP Network security NIST OWASP Privacy Risk management SANS SIEM SOC Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex vacation Health care Insurance Relocation support Salary bonus Startup environment Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.