Job Description

WEC Energy Group is one of the nation’s largest electric generation, distribution and natural gas delivery holding companies. We employ over 7,000 people in our energy companies and service subsidiaries. As a Fortune 500 company, we value and develop our employees who are making a difference in a mission that matters. Job Summary The IT Cybersecurity Analyst is an intermediate level position with the purpose of transacting technical cybersecurity business given a competent knowledge of the work. Works on systems, deliverables and issues that are complex and applies industry best practices, as well as company policies and practices to develop solutions. Is required to effectively support the assessment of threat environment and receives general instructions on routine work and more detailed instructions on new work. Works to support the company’s overall cybersecurity infrastructure and operational effectiveness through cybersecurity preparedness, threat prediction and detection, incident response and recovery, and is involved in both design & engineering and operational activities. Specific functional areas include, but are not limited to, identity and access management, cybersecurity engineering and operations, threat intelligence, vulnerability management, situational awareness, cybersecurity analytics, cybersecurity incident management, and active defense. Operational duties include first and second level operational and incident response activities, threat analysis and correlation, implementing, configuring, testing, debugging and maintaining the systems in these functional areas, in addition to consulting, problem resolution, performance tuning and monitoring.Job Responsibilities

• Stay current with emerging threats, vulnerabilities, and mitigation techniques to continuously improve security posture
• Collaborate with internal teams including infrastructure, applications, security operations center, cyber threat intelligence, and offensive security to validate vulnerabilities, assess risk, prioritize and recommend mitigation strategies
• Identify, review and analyze vulnerability data to detect trends and patterns
• Install, integrate, configure, and deploy vulnerability scanning solutions
• Confirm and refine asset scope for scan activities
• Analyze scan results, track and coordinate with system owners to ensure timely remediation
• Maintain a vulnerability dashboard and provide executive-level reporting
• Influence the development of vulnerability management standards and security policies
• Executing vulnerability management processes, suggesting applicable change controls, and security exceptions
• Maintaining and updating process guides and assisting with reporting to leadership and service stakeholders
• Assisting and supporting incident handling/response investigationsMinimum Qualifications
• Bachelor’s degree in computer science, computer engineering, software engineering, information technology, computer information systems, MIS, or engineering is preferred. A combination of an associate degree, military or professional cybersecurity experience and cybersecuritycertification (CISSP, GAIC, MCSE, CEH, GICSP, CSSA, CISM) will be considered
• 5+ years in cyber security and a strong proficiency in Vulnerability Management
• Excellent communication and interpersonal skills
• Minimum of 2 years of experience with Vulnerability Management along with strong knowledge of CVSS scoring, patch management and secure configuration practices preferred
• Strong knowledge with SIEM platforms and threat intelligence toolsPreferred Qualifications
• Cybersecurity certification (CISSP, CISM, OSCP, CCSP, CCNA, GAIC, MCSE, GICSP, CSSA)

• In-Depth Knowledge of Operating Systems (Windows, Unix/Linux, MacOS)
• Programming and Scripting Experience (Python, PowerShell, Perl, Java, .NET (VB, C#), etc.)
• Network, Identity, and Authentication Management (TCP/IP, Switch/Route, DNS, DHCP, Kerberos, PKI, RADIUS, etc.)
• Cloud Platforms (Azure, AWS, GCP)

Job Tags

Similar Jobs