Overview
On Site
USD 78,500.00 - 140,400.00 per year
Full Time
Skills
Cyber Security
Real-time
Enterprise Networks
ICS
Computer Science
Management
Security Operations
Incident Management
Threat Analysis
CISM
CISSP
Scripting
Perl
Python
Ruby
C#
C++
Rust
Bash
Windows PowerShell
Open Source
Snort
Database
SQL
Kibana
Elasticsearch
Information Technology
Network
Analytical Skill
Problem Solving
Conflict Resolution
Decision-making
Project Management
NATURAL
Energy
Military
Law
Job Details
Job Description
Proactively identify cybersecurity incidents that may go undetected by other security tools. Respond to real-time security incidents and supports activities for response. Act as a liaison between the threat intelligence teams and the analyst teams to coordinate on emerging threats to the BHE networks.
Responsibilities
Hunt for existing threats or vulnerabilities already present in the networks. Analyze and correlate large data sets to uncover threats and attack techniques. This may entail taking emerging or developing reports of attacks and building or adjusting queries as needed to ensure the protection of the environment. 40%
Coordinate with threat intelligence analysts on emerging threats to the company or industry, seeking out potential issues in the environment. 30%
Assist endpoint and network protection SMEs in the development of protective or detective queries in existing tool sets that will allow for near real-time detection. When there is no threat immediately present, the potential for the threat in the future should be alerted on or blocked accordingly. 10%
Advise on tools, techniques, or policies to advance the posture and monitoring functions of the security operations center. This also includes environments beyond the enterprise networks such as Industrial Control System (ICS) environments. 10%
Provide timely and accurate cross-platform support in response to security threats. (10%)
Qualifications
Bachelor's degree in Computer Science, Information Technology, or related field; or equivalent work experience.
Direct experience performing threat hunting in an enterprise environment.
Two years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat I.
Four years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat II.
Six years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat III.
Eight years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Sr Cyber Threat.
At least one year of hands-on experience with a production security toolset. Experience with an EDR/MDR/XDR, network tapping infrastructure, and security automation is preferred.
Knowledge of security principles is desired through achievement and active pursuit of advanced security certification including CISM or CISSP or equivalent.
Familiarity with at least one programming and scripting languages such as PERL, Python, Ruby, C#, C++, Go, Rust, BASH, and Powershell, as well as open source security tools such as Syslog-NG, SNORT, Cuckoo, etc.
Ability to construct and execute complex database queries using SQL (Structured Query Language), KQL (Kibana Query Language), or eDSL (Elasticsearch Domain Specific Language).
General knowledge of information technology terms, equipment, systems, functions, and major vendors - Information Technology work experience strongly preferred. (Server, endpoint, network, etc..)
Effective interpersonal skills and customer relationship skills.
Effective analytical, problem-solving and decision-making skills.
Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.
Employees must be able to perform the essential functions of the position, with or without an accommodation.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
About Us
MidAmerican Energy Company, a Midwest utility, provides regulated electric and natural gas service to more than 1.6 million customers in Illinois, Iowa, Nebraska and South Dakota. The company owns and operates a portfolio of power-generating assets, approximately 61% of which is wind generation.
About the Team
MidAmerican Energy Company is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion or religious creed, age, national origin, ancestry, citizenship status (except as required by law), gender (including gender identity and expression), sex (including pregnancy), sexual orientation, genetic information, physical or mental disability, veteran or military status, familial or parental status, marital status or any other category protected by applicable local, state or U.S. federal law. Employees must be able to perform the essential functions of the position, with or without an accommodation.
Proactively identify cybersecurity incidents that may go undetected by other security tools. Respond to real-time security incidents and supports activities for response. Act as a liaison between the threat intelligence teams and the analyst teams to coordinate on emerging threats to the BHE networks.
Responsibilities
Hunt for existing threats or vulnerabilities already present in the networks. Analyze and correlate large data sets to uncover threats and attack techniques. This may entail taking emerging or developing reports of attacks and building or adjusting queries as needed to ensure the protection of the environment. 40%
Coordinate with threat intelligence analysts on emerging threats to the company or industry, seeking out potential issues in the environment. 30%
Assist endpoint and network protection SMEs in the development of protective or detective queries in existing tool sets that will allow for near real-time detection. When there is no threat immediately present, the potential for the threat in the future should be alerted on or blocked accordingly. 10%
Advise on tools, techniques, or policies to advance the posture and monitoring functions of the security operations center. This also includes environments beyond the enterprise networks such as Industrial Control System (ICS) environments. 10%
Provide timely and accurate cross-platform support in response to security threats. (10%)
Qualifications
Bachelor's degree in Computer Science, Information Technology, or related field; or equivalent work experience.
Direct experience performing threat hunting in an enterprise environment.
Two years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat I.
Four years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat II.
Six years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Cyber Threat III.
Eight years of experience in a technical role within a Security Operations Center, Incident Response Team, or Threat Intelligence for the Sr Cyber Threat.
At least one year of hands-on experience with a production security toolset. Experience with an EDR/MDR/XDR, network tapping infrastructure, and security automation is preferred.
Knowledge of security principles is desired through achievement and active pursuit of advanced security certification including CISM or CISSP or equivalent.
Familiarity with at least one programming and scripting languages such as PERL, Python, Ruby, C#, C++, Go, Rust, BASH, and Powershell, as well as open source security tools such as Syslog-NG, SNORT, Cuckoo, etc.
Ability to construct and execute complex database queries using SQL (Structured Query Language), KQL (Kibana Query Language), or eDSL (Elasticsearch Domain Specific Language).
General knowledge of information technology terms, equipment, systems, functions, and major vendors - Information Technology work experience strongly preferred. (Server, endpoint, network, etc..)
Effective interpersonal skills and customer relationship skills.
Effective analytical, problem-solving and decision-making skills.
Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.
Employees must be able to perform the essential functions of the position, with or without an accommodation.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
About Us
MidAmerican Energy Company, a Midwest utility, provides regulated electric and natural gas service to more than 1.6 million customers in Illinois, Iowa, Nebraska and South Dakota. The company owns and operates a portfolio of power-generating assets, approximately 61% of which is wind generation.
About the Team
MidAmerican Energy Company is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion or religious creed, age, national origin, ancestry, citizenship status (except as required by law), gender (including gender identity and expression), sex (including pregnancy), sexual orientation, genetic information, physical or mental disability, veteran or military status, familial or parental status, marital status or any other category protected by applicable local, state or U.S. federal law. Employees must be able to perform the essential functions of the position, with or without an accommodation.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.