<p>This position is within FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.</p> <p>This position's base reporting location is in Wadsworth Township, Ohio with significant flexible work location opportunities. This position is within FirstEnergy's IT Security Operations and reports to the Manager of Transmission Security Operations Center (TSOC).</p> <p>Preferred work location is Wadsworth, OH.</p> <p>The ability to work remotely within the United States may be available based on business need. This option is not available in the states of California, Colorado, Illinois, Kentucky, Massachusetts, Montana, Nebraska, New York, Oregon or Washington at this time.</p> <p>The IT Security Analyst position supports security information, incident response, forensics, threat intelligence, and event monitoring functions utilizing FirstEnergy's Security Information and Event Management (SIEM) tool, open-sourced tools, forensic tools, threat intelligence platform (TIP), Security Orchestration, Automation and Response (SOAR) platform, and big data solutions.? This role focuses primarily on monitoring the events and logs from FirstEnergy's Information Technology, Cyber Security and Physical Security data feeds and building out analytics based on adversarial behaviors. If activity is picked up through monitoring processes, this role requires the technical expertise to investigate the scenario appropriately. The ability to work independently as well as within groups is essential to this role. Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.</p> <p>Responsibilities Include</p> <p>Perform daily monitoring and investigative activities while on shift either days or nights</p> <p>Assist with processing cases that require forensics to validate findings, produce threat intelligence, or fulfill an HR/Legal request</p> <p>Process different threat reports for value and potential content development, as well as keeping up with the current/relevant threat landscape</p> <p>Provide continuous feedback on opportunities to enhance current processes and content, assisting to implement those changes</p> <p>Assist with engineering data to enhance analytical capabilities based on structure, enrichments, and linking between other data sets</p> <p>Research new capabilities from both open and closed sourced technologies to find opportunities to enhance the Security Operation Center (SOC) ecosystem</p> <p>Provide documentation for cases and forensic reports</p> <p>Maintain current knowledge of relevant technology as assigned</p> <p>Assist with metrics, reporting, and other SOC communications</p> <p>Process and share information with other FirstEnergy security teams</p> <p>Assist or lead projects designated by the SOC team</p> <p>Qualifications</p> <p>Associates Degree in Computer Science, Information Security, or similar discipline with a minimum of 5-7 years professional experience in a cyber or related IT function. Bachelor's Degree preferred</p> <p>Demonstrable subject matter expert knowledge in multiple major security technology systems or areas is required</p> <p>Master level knowledge of relevant work experiences</p> <p>Related experience includes but is not limited to: SOC (Security Operations Center) experience, IT Security experience in detection, triage, investigation, and remediation of security incidents within a network</p> <p>Demonstrate strong communication skills, both verbal and written</p> <p>Demonstrate creative problem solving and solutioning</p> <p>Ability to work effectively, independently and within a team environment</p> <p>Ability to handle, protect and preserve highly confidential information</p> <p>Ability to learn independently and from others</p> <p>Ability to find answers effectively using open-sourced information</p> <p>Understanding of programming/scripting code (Python, PowerShell, Bash), to interpret its functionality</p> <p>Understanding of both Linux and Windows operating systems</p> <p>Understanding of networking concepts and technologies</p> <p>Understanding of adversarial techniques (i.e., MITRE ATT&CK framework)</p> <p>Basic understanding of statistics</p> <p>Must be organized and comfortable with ongoing changes in priorities</p> <p>Must be able to work independently with minimal supervision</p>