Cybersecurity SIEM Administrator

Austin, TX · Information Technology
Leads a variety of cybersecurity monitoring and response processes. Supports technologies that perform cybersecurity functions such as access control, monitoring or vulnerability assessment. Leads incident response and provides support to the end-user community to ensure they have up-to-date protection from malicious software and other cyber threats. Tests and recommends security measures to remediate and mitigate risk. Performs evaluation and analysis of security applications and systems and makes recommendations to management. Recommends best practices to ensure system security across the enterprise. This position requires specialized depth and/or breadth of expertise. Interprets business issues and recommends best practices. Solves complex problems; takes a broad perspective to identify innovative solutions. Works independently, with guidance in only the most complex situations. May lead functional teams or projects. Progression to this level is limited based on business requirements.
  • Provides cybersecurity expertise in the development and execution of cybersecurity initiatives and strategies.
  • Serves as the technical lead on major cybersecurity incidents and leads the coordination of other cybersecurity events with the Cybersecurity Operations team.
  • Performs risk assessments, determines the cause of security violations and recommends security measures or systems to mitigate risk.
  • Monitors security alerts on internet and other intelligence feeds and determines whether reported threats could impact information technology or operational technology systems.
  • Interacts with end users concerning malware, spam, vulnerabilities and any other cybersecurity issues.
  • Coordinates, monitors and maintains various cybersecurity support systems (ticketing assignments, reporting, etc.).
  • Reviews and creates reports on user and system activities.
  • Plans and implements highly complex cybersecurity technology projects.
  • Provides business continuity/disaster recovery and risk analysis expertise.
  • Provides technical consulting to other groups on cybersecurity requirements. Creates and delivers security training materials and classes for asset owners, software developers and system administrators.
  • Implements and ensures technical security systems and compliance solutions. Documents and maintains objective evidence to demonstrate regulatory compliance.
  • Performs work by traveling independently or with a small team to various locations (substations, power plants, water systems, etc.) as scheduled.
  • CISSP, GIAC or similar certification