
Sr. Cyber Security Analyst

City of Garland
United States, Texas, Garland
200 North 5th Street
Jul 17, 2025

Summary

Responsible for the digital security of the information technology infrastructure for Garland Power & Light by evaluating, planning and implementing the security systems that protect GP&L's IT and OT infrastructures. The role will provide system analysis, design support and apply information security tactics to the corporate, SCADA, and EMS systems to comply with federal, state, and company regulatory policies and procedures. Also responsible for monitoring and securing the systems and networks.

Pay Range: $90,000 - $120,000 (Depending on qualifications and experience)

Work Schedule: Typical Monday - Friday, 8:00am - 5:00pm

Essential Duties and Responsibilities include the following. Other duties may be assigned.

  • Monitor and triage security alerts within Microsoft Defender XDR, Microsoft Sentinel, and related SIEM/SOAR platforms.

  • Perform first-level incident response activities including alert analysis, documentation, escalation, and resolution tracking.

  • Investigate, validate, and respond to endpoint detection alerts, identity-based risks, and email threats flagged by Defender XDR.

  • Analyze telemetry data from endpoints, email, cloud applications, and user behavior to identify anomalies and potential security incidents.

  • Support security incident response by collecting artifacts, generating timelines, and collaborating with senior analysts and IT teams.

  • Assist in tuning detection rules, maintaining watchlists, and refining automated workflows in Microsoft Defender XDR and Sentinel.

  • Maintain incident response documentation, create daily summary reports, and assist with KPI metric tracking.

  • Assist in reviewing and maintaining compliance with NERC CIP standards as they apply to security monitoring and incident response.

  • Help enforce security policies and collaborate with IT teams to support secure configurations across endpoints and identities.

  • Support compliance initiatives and provide documentation for NERC CIP audits and spot-checks related to cybersecurity operations.

  • Assist in the planning, execution, and analysis of the organization's phishing simulation campaigns, including user targeting, reporting, and awareness follow-up activities.

  • Participate in on-call rotation, if applicable, and contribute to security operations readiness and continuous improvement.

Minimum Qualifications

  • Bachelor's degree in cybersecurity, information technology, computer science, or a related discipline.

  • 4-5 years of relevant experience

Or an equivalent combination of education and experience sufficient to successfully perform the essential functions of the job.

Preferred Qualifications

Education/Experience

  • 5+ years of experience in a Security Operations Center (SOC) or similar operational security support environment.

Knowledge, Skills & Abilities

  • Demonstrated experience working with Microsoft Defender XDR, including components like Defender for Endpoint, Identity, Office 365, and Cloud Apps.

  • Familiarity with Microsoft Sentinel or other SIEM platforms for incident investigation and log correlation.

  • Experience supporting regulatory frameworks such as NERC CIP, NIST 800-53, or CIS Controls.

  • Experience triaging and escalating alerts, tracking incidents, and contributing to root cause analysis and post-incident reports.

  • Working knowledge of system and network logging, Windows/Linux operating systems, and scripting or automation tools.

  • Experience with application development (e.g., .NET, Python, Java, PowerShell, or web development frameworks) is preferred, especially as it relates to security tool integration or automation.

  • Familiarity with Azure Logic Apps and Power Automate Premium is preferred for developing automated workflows that support incident response, alert triage, and ticketing integration.

Licenses and Certifications

  • Valid Class C Texas driver's license

Preferred but not required:

  • Microsoft Certified: Security Operations Analyst Associate (SC-200)

  • Microsoft Certified: Azure Security Engineer Associate

  • (ISC)² Systems Security Certified Practitioner (SSCP) - This certification is recommended upon completion of one year of employment.

  • CompTIA CySA+ (Cybersecurity Analyst)

  • GIAC Security Essentials (GSEC), GIAC Cyber Threat Intelligence (GCTI), or equivalent

  • Familiarity with NERC CIP standards or related compliance frameworks is a plus
