This site uses cookies. To find out more, see our Cookies Policy

IT Security Analyst - Job Family in Columbus, OH at NiSource

Date Posted: 7/11/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Columbus, OH
  • Date Posted:
    7/11/2018
  • Job ID:
    921385

Job Description

Responsibilities

The IT Security Analyst helps lead and manage the provision of outsourced security services and application of IT Security policies and procedures for all NiSource business units and control networks.  This role works closely with the Director of IT Security and Manager IT Security to ensure that Security Services are provided within the scope of the Service contract as reflected by service levels, the statement of work and pertinent schedules/exhibits.  This role also works closely with the Service Provider Delivery management team to track and monitor the overall progress of IT Security Operations processes and small- to medium-sized Security Services projects.

Key outcomes for success include:

  • Supporting IT Security Operations processes to ensure effectiveness and efficiencies
  • Assist and support the ongoing assessment and improvement of the NiSource Security posture

Essential Responsibilities:

  • Under the direction of the Director of IT Security or the Manager IT Security, performs routine assignments in the IT Analyst job band
  • Respond and participate in management of investigations related to security breaches, incidents and outbreaks in alignment with NiSource IT Management and Security Service provider
  • Participate in coordination of efforts of the Cyber Emergency Response Team (CERT)
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
  • Work closely with other IT Departments, business partners, project managers, and Service Providers to perform and/or support operations processes. 
  • Help drive resolution of security operational and service-based issues, reviewing, analyzing and reporting on Service Provider operations, as directed by the Manager IT Security Operations
  • Resolve or escalate issues related to security operations in a timely manner
  • Work with of legal hold/preservation order system & coordinate with in-house counsel to collect electronic data for internal review as appropriate
  • Work closely with the IT Support Services to resolve Service Provider related issues and to help ensure accurate reporting related to Service Provider performance
  • Work closely with NiSource project managers and Service Provider personnel to help track and monitor projects that meet business needs and adhere to agreed-upon service levels (e.g., budget, schedule, quality)
  • Create and revise policies and procedures to ensure operating efficiency and regulatory compliance.
  • Facilitate audits of processes related to Security Services.
  • Assist in ensuring the Service Providers are adhering to NiSource¿s defined policies, procedures and standards.
  • Confirm that Security Services supporting and procedures documentation is available and kept up-to-date
  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  • Maintain a solid understanding of the Service Providers¿ security operations and service delivery capabilities and processes
  • Interact with Service Provider team members, helping to ensure they are properly qualified and staffed appropriately to meet NiSource business needs
  • Maintain a solid understanding of the scope of the Service contracts as reflected by service levels, statement of work and pertinent schedules/exhibits
  • Other duties as assigned.
Qualifications

Required for Selection:

  • Bachelors Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts of IT Security
  • 2-3 years of experience in security services or security analysis, deployment and support
  • Working knowledge of LAN, WAN and VPN technologies
  • Understanding of OSI model and the role security plays within the stack
  • Broad understanding of IT Risks and Controls and ability to apply risk and control concepts.
  • Basic knowledge of the NIST Cybersecurity Framework.
  • Strong grasp of data privacy, protection, risks and controls.
  • Experience working closely with service providers, as directed by Management
  • Knowledge of  IT security tools and components, trends and best practices
  • A strong understanding of the business impact of security tools, technologies and policies.
  • Solid skills with computer operating systems (Microsoft Windows, Unix, Macintosh and Mainframe) and software (MS Office Suite, MS Project, and other IT applications) and ability to learn new technical concepts quickly
  • Excellent analytical abilities, including process analysis and development, problem solving and root cause analysis
  • Strong teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills
  • Ability to work in a confidential environment
  • Willing to travel to NiSource business unit or Service Provider locations, as needed
  • Willingness to be ¿on call¿ or respond to security situations as required by Management

Preferred for Selection:

  • NiSource business operations knowledge
  • Vulnerability scanning experience
  • Malware analysis and Threat analysis
  • Performing / managing Penetration Testing
  • General working knowledge of the gas and electric utility industry 
  • Involvement with and comprehensive knowledge of networking fundamentals (routing, firewalls, load balancing, etc.) and network traffic analysis
  • Experience in viewing and interpreting Windows event log analysis as well as overall security log management
  • Knowledge of ITIL processes and metrics
  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, the Sarbanes-Oxley Act, FERC, NERC/CIP.

Senior Analyst

  • 4+ years of IT Security experience in varying support functions
  • Working experience with ITIL processes and metrics (ITIL V3 certification a plus)
  • Demonstrated skills in penetration testing, intrusion detection systems, firewall deployment and management, vulnerability assessments, incident response and/or patch management required
  • Effective written and verbal communication
  • Understands and applies Project Management Fundamentals
  • Proven track record in managing project (s)
  • Can work independently in the assigned functional domain

Subject matter expert in one or more of the following in an Enterprise Environment:

  • Operating systems Windows, Unix, Linux, etc.
  • Virtualization or Container technologies, VMware, Hyper-V, Citrix, VDI, Docker, etc.
  • Patch management tools and systems.
  • Networking including routers, switches, and firewalls
  • Endpoint Protection
  • Active Directory, Network Access Control, IDS/IPS, HIDS, SIEM, MDM/EMM, etc.

Lead  Analyst

  • 6+ years of IT experience in varying support functions
  • Demonstrated experience in leading multiple process improvement initiatives
  • Experience Developing a security program and delivering security projects that address identified risks and business security requirements.
  • Excellent written and verbal communication
  • Understands Project Management Fundamentals (PMP certification is a plus)
  • Proven track record in leading successful delivery of technical projects
  • Can work independently in multiple functional domains

Possess and maintain at least one of the following certifications:

  • GIAC Security Essentials (GSEC)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • Systems Security Certified Practitioner (SSCP)
  • EC-Council Certified Security Analyst (ESCA)
  • CompTIA Security+ (Security+)
  • Cisco Certified Network Associate - Security (CCNA-S)
Inclusion & Diversity

Value inclusion within your day to day responsibilities by respecting others' perspectives/convictions, engaging others' opinions, creating a safe environment where people, ideas, and opinions are valued within your Team/Customers and external partners.

Respect and take into consideration diversity within your Team/Customers and external work partners by valuing different world views, challenges, and cultures that represent all walks of life and all backgrounds.

Treat others with respect and consideration.  Actively participate in creating and contributing to a positive work environment.


How To Apply

For immediate consideration, please apply on-line at careers.nisource.com on or before August 10th!

Equal Employment Opportunity

NiSource is committed to providing equal employment opportunities in each of its companies to all employees and applicants for employment without regard to race, color, religion, national origin or ancestry, veteran status, disability, gender, age, marital status, sexual orientation, gender identity, genetic information, or any protected group status as defined by law. Each employee is expected to abide by this principle.

By applying, you may be considered for other job opportunities.