Position Title: Cyber Security Analyst (L1, L2, or L3)
Salary:
- L1: $85,000 - $115,000
- L2: $100,000 - $120,000
- L3: $105,000 - $140,000
- Benefits: 401K (6% match), Pension Plan, Stock Plan, Annual Merit Increase, and an annual company performance-based bonus (up to 10% for L1 and L2, 15% for L3).
Education Requirements (All Levels):
- Required: High School Diploma or equivalent.
- Preferred: Bachelor’s Degree in Computer Science, Information Systems, or other IT-related disciplines.
Licenses/Certifications (All Levels):
- Required: One relevant Information Security professional certification or the ability to obtain one within one year of hire (examples: Cisco, (ISC)2, GIAC, ISA, ISACA, CompTIA, EC-Council, etc.).
- Preferred: Three or more of the following certifications (or similar): ACE, CCE, CAP, CEH, CCNA, CCNP, CISA, CISM, CISSP, CRISC, EnCE, GCCC, GCDA, GCED, GCFA, GCFE, GCIA, GCIH, GCWN, GICSP, GMON, GNFA, GPEN, GPPA, GREM, GWAPT, GXPN, OSCP, SSCP.
Position Concept - Level 1:
The Cyber Security Analyst (Operational Technology - OT) is responsible for ensuring the security and integrity of OT systems. This role involves managing and improving the asset inventory database, supporting the development and implementation of OT cybersecurity programs, and aligning activities with industry standards and regulations. Collaboration with cross-functional teams ensures the consistent application of security controls.
Experience:
- 5 years of experience in Cyber Security, IT, OT, or related technical roles (e.g., networking, telecommunications, hardware, software).
- Alternatively, 2 years of related experience with an Associate’s Degree, or 1 year with a Bachelor’s Degree in a related field.
- Basic knowledge of industrial automation systems and security systems (Windows, Mac OS, Linux/Unix, Firewalls, IDS/IPS, Antivirus, SIEM, etc.).
- Basic knowledge of forensic techniques and network protocols.
- Basic working knowledge of compliance requirements like NERC CIP, SOX, and PCI.
Preferred Skills:
- Experience with patch management, antivirus updates, and creating system backups.
- Basic troubleshooting of network communications and supporting compliance audits.
- Familiarity with industrial automation systems and network architectures.
Responsibilities:
- Maintain the OT asset database and update configuration information.
- Install security patches, update antivirus definitions, and create system backups.
- Regularly assess and apply CVEs to OT systems.
- Assist OT teams with IT-related work including hardware, software, and network appliances.
Position Concept - Level 2:
The Cyber Security Analyst Sr focuses on addressing OT vulnerabilities, developing remediation plans, and ensuring compliance with the cybersecurity program. This role includes responsibility for cybersecurity monitoring, incident response, and team leadership.
Experience:
- 6 years of experience in Cyber Security, IT, OT, or related technical roles.
- Alternatively, 4 years of experience with an Associate’s Degree or 3 years with a Bachelor’s Degree.
- Advanced knowledge of operating systems (Windows, Mac OS, Linux/Unix), network security, and cybersecurity tools (Firewalls, IDS/IPS, SIEM, etc.).
- Experience with packet and malware analysis, penetration testing, and scripting languages (Python, Bash, PowerShell).
- Advanced working knowledge of compliance frameworks like NERC CIP, SOX, and PCI.
Responsibilities:
- Evaluate OT network architecture and ensure systems comply with cybersecurity standards.
- Provide guidance and feedback to other cybersecurity analysts.
- Develop and implement cybersecurity maintenance procedures and threat assessment protocols.
- Evaluate new CVEs for relevance to OT systems.
Position Concept - Level 3:
The Cyber Security Analyst Lead is responsible for managing and improving the OT cybersecurity framework, implementing vulnerability management technologies, and aligning with industry standards. This role involves leading teams, developing remediation plans, and ensuring compliance with internal and regulatory standards.
Experience:
- 8 years of experience in Cyber Security, IT, OT, or related technical fields.
- Alternatively, 4 years of experience with an Associate’s Degree or 2 years with a Bachelor’s Degree.
- Extensive experience developing and implementing OT cybersecurity programs and aligning them with industry standards like NERC CIP, NIST, etc.
- Expertise in operating systems security, incident response, network analysis, and penetration testing.
- Expert knowledge in scripting and compliance with regulatory requirements.
Responsibilities:
- Review, revise, and update OT cybersecurity standards and procedures.
- Evaluate OT systems for compliance with applicable standards.
- Develop and manage responses to audits and regulatory requests.
- Train and mentor team members and promote IT/OT collaboration across departments.