|The ideal candidate for this opportunity will fulfill the following job tasks. They will possess experience in tracking risks to the confidentiality, integrity, and availability of corporate data. They will also present a passionate interest in remediating to these risks and threats.
The Information Security Operations Engineer at EnerNOC is responsible for implementing, maintaining and monitoring systems that protect EnerNOC’s information assets, manage technology, and information risk. This individual will perform real-time packet and log analysis to provide network and data security for EnerNOC’s systems and platform. They will provide excellent client service while evaluating the type and severity of security events by making use of technical knowledge, experience, and an in-depth understanding of exploits and vulnerabilities. They will resolve issues by taking the appropriate corrective action, or following the appropriate escalation procedures. Work in a team environment and monitor the health and wellness of security devices on our networks.
As an information security expert with a strong technical foundation, the successful candidate will operate and maintain our security applications, help subject matter experts adhere to security policies, conduct forensics following security events, and help adhere to our SOX and other regulatory compliance programs. Given the needs of this role, we are therefore looking for someone with that unique blend of excellent technical, organizational and communication skills. The person in this role will need to prioritize and address security related events, and follow industry best practices.
Essential Duties and Responsibilities include:
- Provide excellent client orientated services to internal and external entities of EnerNOC
- Coordinating Risk Based security assessments and working with teams to identify and remediate issues
- Security incident detection, response, remediation
- Cyber threat and vulnerability analysis and remediation
- Conduct forensic analysis as part of the Security Operations Group
- Responding to security, compliance, and evidence requests from our Legal, HR, or other departments
- Recommend enhancements to EnerNOC’s security applications
- Perform other duties as assigned by the Information Security Manager or CIO
Preferred Technical Experience:
- Significant experience with virtualization, Linux, Windows, Cisco, and TCP/IP
- Firm understanding of event monitoring and logging on Linux, Cisco, and Windows
- Multi vendor experience with Next Generation Firewalls, IDS, IPS, and vulnerability management solutions
- Firm understanding of regular expressions and scripting
- An expert level of knowledge with network services, vulnerabilities and attacks
- Demonstrable ability to break down and analyze network communications at the packet level
- Working and demonstrable knowledge of multiple platforms, as well as exploits and vulnerabilities
- BS in Computer Science, Information Technology, Information Security or similar field or equivalent
- 10+ years experience in information security, network security, or positions with security responsibilities such as Incident Response, malware analysis, etc
- Experience participating in a corporate Risk Management Programs
- Excellent communications and interpersonal skills
- Highly motivated with ability to drive results
- Self-starter with high energy to meet the needs of a demanding business and IT environment
- CSIRT or CERT participation
- Knowledge of ITIL, and change management processes
- CISSP Certification
- GIAC certifications
- Hands on experience with multiple platforms in a corporate environment including Windows, Linux, OSX, Cisco, and other platforms.
EnerNOC is a leading provider of energy intelligence software and related solutions. EnerNOC unlocks the full value of energy management for utility and commercial, institutional, and industrial (C&I) customers by delivering a comprehensive suite of demand-side management services that reduce real-time demand for electricity, increase energy efficiency, improve energy supply transparency in competitive markets, and mitigate emissions. EnerNOC’s Utility Solutions™ offerings, which include both implementation and consulting services, are helping hundreds of utilities and grid operators worldwide meet their demand-side management objectives. EnerNOC serves thousands of commercial, institutional, and industrial customers worldwide through a suite of energy management applications including: DemandSMART™, comprehensive demand response; EfficiencySMART™, continuous energy savings; and SupplySMART™, energy price and risk management. EnerNOC’s Network Operations Center (NOC) offers 24x7x365 customer support. For more information, visit www.enernoc.com. EEO Employer/Vet/Disabled.