IT Security Advisor
The Information Security (IS) Advisor will join the Information Security Team to detect and defend the organization from cyber security adversaries. Additionally, the IS Advisor will participate in projects and initiatives to design and implement various information security controls. The successful candidate will demonstrate strong knowledge of and experience with industry best practices and frameworks.
Responsibilities:
Incident Response
- Initiate immediate actions to contain identified cyber security issues detected from a variety of platforms and operating systems or as reported by end users. Perform forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation to contain threat. With a sense of urgency, work with IT colleagues on containment and a plan to eradicate vulnerability, coordinating the incident response process.
- Write technical reports on incident findings and recommendations to prevent incidents.
- Monitors a variety of platforms, operating systems and security technology software for security alerts. Logs, document, review, and assess alerts. Identify intrusion artifacts at the host and network level. IT/OT Security technology software may include Email SPAM filtering solutions, vulnerability scanning solutions, Intrusion Detection Systems, anti-virus software, Internet web filtering solutions.
Vulnerability Management
- Correlate multiple data sources to identify vulnerabilities, make recommendations and work with system owners to expedite remediation
- Conducts cybersecurity risk assessments on internal systems and processes and coordinates responses to external risk assessments requests from customers or third-party software providers as needed.
- Manage and enhance vulnerability scanning tools and capabilities
- Manage and influence system owners to adopt enhancements or remediation
Optimization
- Investigates false positives and assesses enhancements to eliminate
- Enhances cyber vulnerability tools, software platforms, processes, and procedures to continually optimize cyber security programs in alignment with NIST
- Additional responsibilities as assigned or requested
Job Requirements:
Education & Background
- Bachelor’s Degree in Computer Science, Information Technology, Information Security or related field is preferred
- Prefer at least one of the following certifications:
- CompTIA Cybersecurity Analyst+ (CySA+)
- Offensive Security Certified Professional (OSCP)
- GIAC Certified Incident Handler (GCIH)
- Certified Information Systems Security Professional (CISSP)
Experience & Knowledge
- At least ten years’ (10) experience addressing IT and cyber security escalated alerts, preferably in an Enterprise Security Team environment
- Experience with NIST Cybersecurity Framework required
- Prefer experience with the following:
- Experience with Azure Cloud Environment including Microsoft 365
- Email phishing protection platforms
- SIEM/SOAR platforms
- Threat intelligence platforms
- Security compliance frameworks (CIS, etc.)
- OT Networking and protocols
- Background in foundational IT infrastructure concepts (network, server, virtualization, data center)
- Demonstrable knowledge of the following:
- Network security concepts
- Modern threat actors, malware, and TTPs
- Scripting abilities (PowerShell, Python, etc.)
- Vulnerability Management Platforms
Vaccine Information:
Calpine requires an individual who is newly hired into this position to be vaccinated for COVID-19 within the first 28 days of employment - if not already vaccinated prior to starting employment. If you have any concerns regarding compliance with this requirement, you will need to discuss your concerns with Calpine’s HR department after a decision has been made about whether or not to make you a conditional offer of employment. Calpine does not require applicants to discuss vaccination status prior to receipt of a conditional offer of employment and complies with all applicable laws requiring reasonable accommodation.