Come Join Us!
Georgia System Operations is a progressive organization offering opportunities for engineers, technicians, project managers, and more. We’ve been honored with Best Place to Work in Georgia.
Our people-over-profit culture and competitive compensation and benefits packages prove we’re dedicated to retaining the best candidates.
We offer comprehensive medical, dental, and vision coverage, a strong retirement program, career development, and flexible work schedules. We’re focused on wellness and being a supportive member of the community.
Affordable health insurance options, such as medical, dental, and vision coverage, are available for full-time employees.
Basic insurance for accidental death and dismemberment, long-term disability, and life insurance are available at no cost. Employees can opt to pay for more coverage.
A competitive retirement plan, with company match and company contributions, is available for full-time employees.
We offer many options for our employees’ well-being, including an employee assistance program, an on-site fitness center, and several wellness-focused programs.
Educational reimbursement is available for full-time employees. Employees can also participate in a 529 college savings plan.
Employees can participate in voluntary benefits, covering hospitalization and critical illness, legal and ID theft protection, and pet insurance.
Vacation and sick leave are available for full-time positions via the paid time off program. GSOC is closed for 11 national holidays annually.
We support growth and development for all our employees through an on-site training program, online learning tools, and programs designed to develop industry knowledge.
Our employees are given volunteer paid time off every year to contribute to the community service organization of their choice.
The Security Analyst plays a key role in securing industrial control systems for the electric grid and is GSOC's first line of defense against security threats. To perform this essential function, the Security Analyst must demonstrate a high degree of technical and analytical capability, as well as an ability to learn and adapt to quickly changing technologies, procedures, and compliance requirements.
The Security Analyst supports the GSOC compliance program by maintaining knowledge of NERC Critical Infrastructure Protection CIP standards and related policies in the areas of security event monitoring, access management, change management, and vulnerability assessments. Creates and maintains evidence of compliance with these standards and related policies. The Security Analyst contributes to efforts to update and improve related policies.
Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements.
Job Duties:
- Analyst I:
- Manages support requests from end-users. Resolves tier 1 requests, such as user password resets and application access problems. Facilitates routing of user access requests for authorization. Escalates and routes other requests to facilitate rapid resolution. Investigates optimal solutions to commonly encountered issues and drafts processes and related knowledge articles to address them.
- Actively monitors the environment for detected configuration changes. Attempts to reconcile detected changes to approved change requests. Escalates unreconciled changes for remediation.
- Reviews and responds to security alerts. Determines which alerts are false-positive or associated with non-malicious activity to mark for resolution. Escalates other alerts for remediation.
- Follows provided procedures to maintain asset inventory within the Change Management Database CMDB. Facilitates assessment of new assets for NERC CIP classification. Ensures asset statuses are maintained in the CMDB through the implementation of provided asset management, change management and sanitization procedures.
- Actively monitors the environment for the creation and modification of user accounts and changes to permissions and roles associated with user accounts. Attempts to reconcile these account events to approved access authorizations. Escalates unreconciled account events for remediation.
- Maintains knowledge of NERC CIP standards and related policies in the areas of security event monitoring, access management, change management, and vulnerability assessments. Creates and maintains evidence of compliance with these standards and related policies.
- Participates in periodic reviews and activities associated with access management and vulnerability assessments.
- Analyst II:
- Coordinates the GSOC asset management program. Works with various GSOC stakeholders to ensure the process is followed and identify opportunities for process improvement. Ensures the Change Management Database CMDB is maintained in a complete, accurate, and timely manner.
- Provides Tier 2 support for escalated security alerts, configuration changes, and user account activities. Maintains knowledge of the environment and technologies necessary to diagnose and resolve escalated events.
- Performs post implementation review of approved change requests to ensure scope of the approved change was implemented correctly and identified security controls were not adversely affected.
- Manages key metrics to identify common problems and alerts. Develops knowledge and documentation to resolve these common events.
- Coordinates with Security Engineering team to configure various security monitoring tools. Suggests additional sources for security-related events and alert configuration.
- Maintains knowledge of NERC CIP standards and related policies in the areas of security event monitoring, access management, change management, and vulnerability assessments. Creates and maintains evidence of compliance with these standards and related policies. Contributes to efforts to update and improve related policies.
- Identifies security alerts and events that should be tuned to reduce noise.
- Assists in the development and maintenance of desk procedures for the Security Analyst team.
Required Qualifications:
Education: Bachelor's Degree in Computer Science or related field.
Experience:
- Analyst I: Requires 0-2 years of experience in an industrial control systems environment, information technology, or information security role.
- Analyst II: Requires 2 or more years of experience in an industrial control systems environment, information technology, or information security role.
Equivalent Experience:
- Analyst I:
- Associates degree in Information Systems, Computer Science, Engineering, or related field with 2 or more years of experience in an industrial control systems environment, information technology, or information security role, OR
- High school diploma with 4 or more years of experience in an industrial control systems environment, information technology, or information security role.
- Analyst II:
- Associates degree in Information Systems, Computer Science, Engineering, or related field with 4 or more years of experience in an industrial control systems environment, information technology, or information security role, OR
- High school diploma with 6 or more years of experience in an industrial control systems environment, information technology, or information security role.
Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.
Unusual Hours: Occasional overtime may be required. Supports customers, incident response processes, and systems after hours, as needed.
