Careers

Come Join Us!

Georgia System Operations is a progressive organization offering opportunities for engineers, technicians, project managers, and more.  We’ve been honored with Best Place to Work in Georgia.

Our people-over-profit culture and competitive compensation and benefits packages prove we’re dedicated to retaining the best candidates.  

We offer comprehensive medical, dental, and vision coverage, a strong retirement program, career development, and flexible work schedules.  We’re focused on wellness and being a supportive member of the community.

Benefits

Affordable health insurance options, such as medical, dental, and vision coverage, are available for full-time employees.

Basic accidental death and dismemberment, long-term disability, and life insurance are available at no cost.  Employees can opt to pay for more coverage.

A competitive retirement plan, with company match and company contributions, is available for full-time employees.

We offer many options for our employees’ well-being, including an employee assistance program, an on-site fitness center, and several wellness-focused programs.

Educational reimbursement is available for full-time employees.  Employees can also participate in a 529 college savings plan.

Employees can participate in voluntary benefits, covering hospitalization and critical illness, legal and ID theft protection, and pet insurance.

Vacation and sick leave are available for full-time positions via the paid time off program. GSOC is closed for 11 national holidays annually.

We support growth and development for all our employees through an on-site training program, online learning tools, and programs designed to develop industry knowledge.

Our employees are given volunteer paid time off every year to contribute to the community service organization of their choice.

Cyber Security Analyst III - V
Department: Security Operations
Tucker, Georgia, United States
Description

The Cyber Security Analyst plays a key role in securing industrial control systems for the electric grid and is GSOC's first line of defense against security threats. To perform this essential function, the Cyber Security Analyst must demonstrate a high degree of technical and analytical capability, as well as an ability to learn and adapt to quickly changing technologies, procedures, and compliance requirements.

As a Cyber Security Analyst for Security Operations at GSOC, you will be responsible for leading and mentoring other cyber security operators and analysts, developing and implementing security monitoring and incident response strategies, managing the cyber vulnerability management program, conducting threat hunting and analysis, developing and maintaining cyber security and regulatory compliance program documentation, and working to develop and enforce asset management and change management policies and procedures.

Job Duties:

  • Lead and mentor other cyber security operators and analysts.
  • Develop and implement security monitoring and incident response strategies for operational technology systems.
  • Analyze escalated security alerts and events and execute appropriate response and follow-up actions.
  • Manage the cyber vulnerability management program and conduct regular security assessments and vulnerability scans.
  • Identify and prioritize security risks and vulnerabilities and develop and implement appropriate risk mitigation strategies.
  • Mature the threat intelligence program and use threat intel feeds and other sources to lead threat hunting and analysis.
  • Develop and maintain cyber security program documentation, including policies, procedures, standards, guidelines, and other documentation as needed.
  • Stay up-to-date with the latest security trends, technologies, and regulatory requirements.
  • Provide regular reports and updates to management on the status of security and compliance.

Required Qualifications:

Education: Bachelor's degree in computer science or related field.

Experience:

  • Analyst III -
    • 4+ years of experience in cyber or information security, preferably with a focus on operational technology.
    • Experience with security monitoring and analysis tools, such as SIEM, IDS/IPS.
    • In-depth understanding of common attack techniques and methodologies.
    • Familiarity with vulnerability scanning platforms and vulnerability remediation guidance.
    • Experience with threat intelligence feeds or platforms.
    • Proven ability to lead and mentor less experienced cyber security operators and analysts.
    • Proficient in one or more programming or scripting languages, such as Python, PowerShell, or Bash, for automating security tasks or performing data analysis.
    • Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders.
    • Experience working in or directly with a SOC, providing 24x7 support.
    • Experience working in regulated environments such as NERC CIP or others is highly desired.
  • Analyst IV -
    • 6+ years of experience in cyber or information security, preferably with a focus on operational technology.
    • SME-level technical knowledge of information security architecture, protocols, and best practices.
    • Expertise with security monitoring and analysis tools, such as SIEM, IDS/IPS.
    • In-depth understanding of common attack techniques and methodologies.
    • Expertise in vulnerability scanning platforms and vulnerability remediation guidance.
    • Expertise with threat intelligence feeds or platforms.
    • Proven ability to lead and mentor a group of experienced cyber security operators and analysts.
    • Proficient in one or more programming or scripting languages, such as Python, PowerShell, or Bash, for automating security tasks or performing data analysis.
    • Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders.
    • Experience working in or directly with a SOC, providing 24x7 support.
    • Experience working in regulated environments such as NERC CIP or others is highly desired.
  • Analyst V -
    • 8+ years of experience in cyber or information security, preferably with a focus on operational technology.
    • Proven history of successfully leading cyber operations program development efforts, at various maturity levels.
    • SME-level technical knowledge of information security architecture, protocols, and best practices.
    • Expertise with security monitoring and analysis tools, such as SIEM, IDS/IPS.
    • Expertise with SOAR platform deployment, integration, and operations.
    • In-depth understanding of common attack techniques and methodologies.
    • Expertise in vulnerability scanning platforms and vulnerability remediation guidance.
    • Expertise with threat intelligence feeds or platforms.
    • Proven ability to lead and mentor a group of experienced cyber security operators and analysts.
    • Proficient in one or more programming or scripting languages, such as Python, PowerShell, or Bash, for automating security tasks or performing data analysis.
    • Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders.
    • Experience leading the development and operations of a SOC, providing 24x7 support.
    • Experience working in regulated environments such as NERC CIP or others is highly desired.

Equivalent Experience:

  • Analyst III - 8+ years of the above experience.
  • Analyst IV - 10+ years of the above experience.
  • Analyst V - 12+ years of the above experience.

Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.

Unusual Hours: Occasional evening and weekend work may be required to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed.