Senior Cyber Security Analyst

SRP delivers high-value electricity and water for the benefit of our customers, shareholders and the communities we serve. We are a community-based, nonprofit utility and one of the nation's largest public power utilities. SRP provides electricity to more than 1 million retail customers in a 2,900-square-mile service area that spans three Arizona counties, including most of the metropolitan Phoenix area (known as the Valley).

The Cyber Security Analyst will work in SRP's Security Operations Center (SOC) which is responsible for monitoring of, responding to, and mitigating cyber security events across the enterprise. This role will respond to day-to-day events, participate in incident response activities, support tools used by the SOC team, assist with metrics tracking and development, assist with evaluating current and new software and tools, and work to develop subject matter expertise in one or more SOC functions. Applicants should have good analytical, communication and problem solving skills.

* Candidates should have a good understanding of Information Technology fundamentals, cyber security defense technologies, risk management concepts, and the cyber threat landscape. The role should have a fair to strong understanding of two or more of the areas listed below and have at least basic knowledge across most areas: * Malware identification and analysis * IDS/IPS technologies - SourceFire experience a plus * SIEM technologies - Splunk experience a plus * TCP/IP traffic analysis * Data loss prevention * Incident response and forensic analysis tools and procedures * Vulnerability management and mitigation * Enterprise anti-virus solutions * Remote access technologies * Windows and Linux architectures, administration and hardening * Programming or scripting experience related to cyber security

**Education** * Completion of a Bachelor's Degree that prepares the employee for the assignment. **Experience** * Ideal candidates should have 1+ years of experience in a security operation center or cyber security incident response role as well as 3 to 5 additional years of technology and/or InfoSec experience. * Work schedule is flexible but typically 8x5 during daytime business hours. * Role requires participation in department on-call rotation which involves responding to emergency call out during non-business hours, as needed. * Travel occasionally required for industry training and conferences that cannot be found locally. * Certifications such as CISSP, CEH, Security+, GSEC, GCED, GCIH or CCNA/CCNP Security are a plus **Additional Information** * Responsible for planning, scheduling and monitoring for projects. Occasional contacts with vendors of software, equipment and services. Occasional travel to industry organizational functions and SRP facilities. Ability to work effectively using the services of various organizational groups within SRP. Depending on assignment, frequent requirement to work with confidential data such as payroll and employee information. * Demonstrated capability to perform advanced and more difficult work as determined by the supervisor. Is fully competent in all aspects of functional area of assignment and as such would be recognized as a specialist in area of assignment and may have periodic or occasional lead responsibilities. * Industry security certifications preferred, including CISSP, CISA, CISM, CEH, CPA, CRISC, OSCP, PMP, ITIL, SANS GIAC, SEI-CMMI or SSCP.