Deriva Energy, a portfolio company of Brookfield Renewable U.S., who is a nationwide leader in sustainable energy provides wind, solar, resilient backup power, and managed energy services to over 1,000 projects across the U.S., with a total electric capacity of more than 5,100 megawatts of nonregulated renewable energy is seeking a Cyber Security Analyst, Senior to be based in their Charlotte, North Carolina, headquarters.
As a member of the Deriva Cybersecurity Team, reporting directly to the Director of Cybersecurity & IT Compliance, your contributions will be key in driving our cybersecurity strategies and safeguarding our digital assets across the organization. In this pivotal role, you will develop and implement advanced cybersecurity measures to protect our digital infrastructure.
Responsibilities:
•Proactively maintain and continually improve our overall security strategy, including policy enforcement mechanisms, ownership definitions, monitoring systems, and process controls
•Actively develop and refine security standards, baselines, performance metrics; lead and conduct periodic reviews of cybersecurity architecture, assessments, and vendor performances
•Generate detailed analysis reports, execute, and coordinate audit findings, ensuring the highest level of network performance and security
•Rigorously monitor and strategically respond to any emerging cyber threats, minimizing potential business, financial, or reputational impacts
•Oversee user awareness training, ensuring alignment with regulatory obligations and internal best practices
•Conduct thorough network traffic analysis, correlating with other technologies to identify intrusion sources and implement effective countermeasures
•Analyze security incidents and provide strategic recommendations for improvements based on these insights
•Stay abreast of industry cybersecurity trends and maintain essential IT security documentation
•Monitor security alerts for potential malicious activity detected by systems such as Intrusion Detection/Prevention, Log Monitoring, Azure, Office 365, and Endpoint Detection
•Assist in coordinating 3rd party penetration/network assessments and facilitating both internal and external IT audits
•Participate in cross-departmental collaboration to ensure a comprehensive understanding of organizational needs and risks
Requirements:
•Bachelor's degree or college diploma in Information Technology or a related field OR 12 years of experience in lieu of degree
•8 years of experience in Cybersecurity
•Exceptional communication skills, with the ability to convey complex information in an understandable manner
•A collaborative team player with strong interpersonal skills to foster effective relationships across departments
•Proficient in delivering high-quality management reports with in-depth analysis
•Industry certifications (CISSP, CompTIA Security , CEH, CCSP, Microsoft certifications) will be considered a strong asset
•Comprehensive understanding of Cybersecurity principles and best practices
•Familiarity with Threat Intelligence engagement and reporting
•Experience in vulnerability management, security assessment, security awareness, and identity access management systems is highly desirable
•Knowledge of regulatory compliance frameworks (such as GDPR, HIPAA, etc.) is advantageous