Cyber Insider Risk & Forensics Analyst

Overview

Investigate insider threats, perform digital forensics, and support cyber incident response.

Key Responsibilities

• vulnerability research
• alert response
• traffic analysis
• incident triage
• trend reporting
• process documentation

Tasks

-Conducts vulnerability research activities, gathers information on new and emerging threats and vulnerabilities -A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity. -Investigates and responds to security alerts including on-call rotation -Steers the analysis of network traffic and system data to identify anomalous activity and potential threats to resources -Maintains the cybersecurity post-incident after action tracking process -Delivers cyber incident triage including identifying the specific vulnerability and making recommendations which enable expeditious remediation -Supports the development, design, logistics, and facilitation of internal and external cybersecurity exercises -Manages cyber incident trend analysis and reporting -Supports the strategic development of Cyber Security Programs ensuring alignment with the cyber security strategy and develops and improves cyber security procedures owned by the team -Creates and maintains high quality documentation related to IT processes including flow charts and data flow diagrams

Requirements

• cybersecurity
• splunk
• forensic tools
• insider risk
• 3+ years
• us citizen

What You Bring

-Degree or coursework in Cybersecurity, Digital Forensics, Information Technology, or related field. -Three or more years of experience in information technology, information security and/or cybersecurity. -One or more years of experience working with security operations, incident response, or behavioral analytics tools. -This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties. -One or more years of experience collecting and analyzing digital evidence using forensic tools such as FTK, Magnet Axiom, or EnCase. -One or more years of experience using Splunk or SIEM -One or more years of experience using Insider risk tooling (Forcepoint, Splunk UBA, etc.) -US Citizenship Required. -Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

People Also Searched For

Benefits

-This position’s work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.  Unless otherwise noted, employees are required to work and reside in the state of California.  Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

About Southern California Edison (Sce)

-a driving force in powering Southern California for over a century. -a major provider of electricity, emphasizing reliable service. -a leader in clean energy, focusing heavily on solar and wind power, reducing reliance on fossil fuels. -handles complex, large-scale energy projects that span residential, commercial, and industrial sectors. -historical projects include the integration of renewable energy sources and the modernization of the electric grid. -plays a pivotal role in sustainability, driving innovation in energy efficiency and green power initiatives. -continuously invests in cutting-edge technology to enhance energy delivery and reduce environmental impact.

Sector Specialisms

Security Clearance

-must pass a personnel risk assessment (pra) or background investigation before hire. -must complete specified training prior to gaining un‑escorted access to the work location.