Senior Security Analyst

Neptune Technology Group Inc. is a technology company serving water utilities across North America.  Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service.  With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water. For additional information, please visit the company website at www.neptunetg.com.

Senior Security Analyst

Position Summary

As a Senior Security Analyst, you will be a key member of Neptune’s 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You’ll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements.

Responsibilities:

Threat Detection & Monitoring

• Monitor and analyze security alerts from SIEM and EDR platforms
• Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments
• Maintain high-fidelity alerting and reduce false positives through tuning

Incident Response & Management

• Execute playbooks for triage, containment, and remediation of security incidents
• Assist in forensic investigations and contribute to post-mortem reports
• Participate in tabletop exercises and readiness drills

SIEM & Security Logging

• Maintain SIEM health and ensure reliable telemetry across all assets
• Develop and refine detection rules and correlation logic
• Support automation and orchestration workflows for incident handling

Identity & Access Management

• Monitor identity-related events for anomalies and privilege escalation attempts
• Support IAM lifecycle processes and enforce least privilege principles

Threat Intelligence & Modeling

• Integrate threat intelligence feeds into detection workflows
• Assist in threat modeling to identify potential attack paths

Reporting & Metrics

• Document incidents and provide timely updates to SOC Manager for reporting to parent company
• Track and report operational metrics (MTTD, MTTR, alert volumes, etc.)

Security Standards & Architecture

• Apply secure-by-design principles in collaboration with engineering teams
• Support zero trust initiatives and network segmentation projects

 Relevant Platforms (experience with several is expected):

• SIEM/SecOps: e.g. Google SecOps (Chronicle)
• EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra
• Network Security: e.g. FortiGate NGFW, FortiSASE
• Secure Browsing: e.g. Prisma
• Patching & Config: e.g. Automox
• Secrets Management: e.g. Keeper
• Asset Management: e.g. Axonius, Cyclops
• Email & Data Security: e.g. Mimecast, Microsoft Purview

 Minimum Qualifications:

• Bachelor’s degree (or equivalent experience)
• 3 years in Security Operations or Incident Response
• Hands-on experience with SIEM, EDR, and threat detection
• Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles
• Strong analytical and communication skills

Preferred Qualifications:

• Security certifications (e.g., GCIH, GCIA, CISSP)
• Experience with cloud security (AWS, Azure, GCP)
• Exposure to SOAR automation and scripting
• Travel Requirements: Typically requires overnight travel less than 10% of the time.

Travel Requirements: Typically requires overnight travel less than 10% of the time.

Location: Duluth, GA, Tallassee, AL