CyberSecurity Analyst

Job Summary
At NiSource, our Enterprise Security department excels in engineering sophisticated defenses, architecting resilient systems, and proactively defending the vital cyber infrastructure that is crucial to our business operations. Security Analysts, Security Consultants, Sr Cybersecurity Engineers, and Principal Cybersecurity Architects play a pivotal role in ensuring the security, reliability, and robustness of our information assets against a backdrop of evolving cyber threats.

These technical experts lead cybersecurity innovation, crafting and sustaining a secure cyber environment that not only protects but also empowers our business. They adeptly navigate the complexities of our digital and physical infrastructures, applying their deep technical expertise to develop and implement advanced security solutions. These solutions are not just defensive barriers; they are enablers of business continuity, operational efficiency, and customer trust.

Our team is committed to the strategic integration of cutting-edge security principles within our architectural frameworks and operational processes. By seamlessly weaving security into the fabric of our operations, they deliver value to our customers through enhanced protection and service reliability.

Each role within Enterprise Security contributes uniquely to this mission. Security Analysts are the frontline defenders, monitoring and responding to threats in real-time. Security Consultants provide the critical bridge between security theory and practice, offering insights that shape our security strategies. Sr Cybersecurity Engineers are the builders of our cyber defenses, innovating and implementing solutions that fortify our systems. Principal Cybersecurity Architects, ensure that our security infrastructure is not only robust today but also agile and adaptable for the challenges of tomorrow.

Together, these roles embody our commitment to cybersecurity as a cornerstone of our business strategy, ensuring that NiSource remains a trusted and secure provider of essential services to our customers.

Key disciplines for our cybersecurity roles include:
Enterprise Cloud Security Engineering & Architecture: Ensuring the secure integration and operation of cloud-based infrastructure and services within the cybersecurity environment.
Application Security: Providing technical expertise in the development and enhancement of secure applications, integrating security throughout the software development lifecycle.
Network Security: Designing, developing, and implementing robust network operations and architecture, with a focus on advanced network security solutions and monitoring capabilities.
Threat Intelligence & Analysis: Analyzing and interpreting threat data, employing frameworks such as NIST CSF, and enhancing security measures based on actionable intelligence.
Incident Response & Forensic Analysis: Responding to and investigating cybersecurity incidents, performing forensic analysis, and ensuring rapid recovery and continuity of operations.
Identity & Access Management: Managing access controls and identity systems, including the implementation of federated identity, MFA, SSO, and privileged access management.
Penetration Testing & Ethical Hacking: Conducting controlled security assessments to identify vulnerabilities and strengthen the security posture against potential breaches.
Regulatory & Compliance Knowledge: Ensuring all cybersecurity practices are in line with regulatory requirements and industry standards for compliance and governance.
Artificial Intelligence & Machine Learning: Leveraging AI and ML to enhance cybersecurity initiatives, from threat detection to automated incident response.

Essential Functions

• Analyze and monitor enterprise cloud security configurations to identify misconfigurations or risks, recommending updates to ensure secure integration and alignment with organizational policies.
• Evaluate application security vulnerabilities during the software development lifecycle, preparing reports and collaborating with development teams to enhance security protocols.
• Monitor and optimize network security infrastructure, ensuring systems are operating effectively and addressing potential risks through regular assessments.
• Conduct threat intelligence research and analysis, leveraging frameworks such as NIST CSF to propose adjustments to security measures based on evolving threat landscapes.
• Respond to and investigate cybersecurity incidents, gathering evidence, documenting findings, and supporting forensic analysis to ensure timely recovery and continuity of operations.
• Manage access control systems, performing periodic reviews of permissions and implementing adjustments to maintain the integrity of privileged access management.
• Support penetration testing initiatives, identifying and documenting vulnerabilities, and coordinating with teams to implement remediation strategies.
• Assist in regulatory compliance efforts, preparing documentation and conducting reviews to ensure adherence to industry standards and best practices.
• Collaborate on integrating AI and machine learning tools to enhance threat detection and automate responses to identified risks.
• Required Qualifications For Position
• Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. However, equivalent professional experience, military service, relevant certifications, substantial industry tenure, or technical training may be considered as a substitute for formal education.
• 1+ year of experience in real-time monitoring and threat response.
• Proficiency in Cybersecurity principles, IT infrastructure, and Application Security.
• Understanding of Network Security protocols, Cryptography, and secure network architectures.
• Familiarity with Cloud Security, including IaaS, PaaS, and SaaS models.
• Knowledge of Cybersecurity frameworks such as NIST CSF.
• Proficiency in the use of SIEM tools and threat detection technologies.
• Ability to analyze and interpret various sources of threat intelligence.
• Skills in identifying and addressing security vulnerabilities and risks.
• Experience with AI and ML technologies in Cybersecurity.
• Expertise in secure software development lifecycle practices.
• Preferred Additional Qualifications for Position
• Advanced degrees or professional certifications such as CISSP, CISM, CEH, or equivalent.
• Contributions to Cybersecurity research or thought leadership in industry forums.
• Physical Demands
• Standing - Occasionally
• Walking - Occasionally
• Sitting - Constantly
• Lifting - Rarely
• Carrying - Rarely
• Pushing - Rarely
• Pulling - Rarely
• Climbing - Rarely
• Balancing - Rarely
• Stooping - Rarely
• Kneeling - Rarely
• Crouching - Rarely
• Crawling - Rarely
• Reaching - Rarely
• Handling - Occasionally
• Grasping - Occasionally
• Feeling - Rarely
• Talking - Constantly
• Hearing - Constantly
• Repetitive Motions - Frequently
• Eye/Hand/Foot Coordination - Frequently
• The preceding description is not designed to be a complete list of all duties and responsibilities required of the position.

As a public utility, NiSource is required to provide continuous service to customers at all times. To ensure we fulfill that obligation, employees may be required to work outside their normal work hours and perform tasks outside of their normal responsibilities in support of emergency operations.

Work Authorization

Authorized to work in the United States without requiring sponsorship.

Workplace Connection
Value inclusion within your day to day responsibilities by respecting others perspectives/convictions, engaging others opinions, creating a safe environment where people, ideas, and opinions are valued within your Team/Customers and external partners.

Respect the unique lived experiences within your Team/Customers and external work partners by valuing different world views, challenges, and cultures that represents all walks of life and all backgrounds.

Treat others with respect and consideration. Actively participate in creating and contributing to a positive work environment.

Equal Employment Opportunity
NiSource is committed to providing equal employment opportunities in each of its companies to all employees and applicants for employment without regard to race, color, religion, national origin or ancestry, veteran status, disability, gender, age, marital status, sexual orientation, gender identity, sex (including pregnancy, lactation, childbirth or related medical conditions), genetic information, citizenship status, or any protected group status as defined by law. Each employee is expected to abide by this principle.

By applying, you may be considered for other job opportunities.

Safety Statement
Promote a safe work environment by actively participating in all aspects of our employee safety program. Report any unsafe conditions and take actions to prevent personal injuries. Support our interdependent safety culture by ensuring the safety of your co-workers. Stay focused on the task at hand and promote productivity through good work habits.

Salary Range*:

*The salary offered to a candidate is based on several factors including but not limited to the candidates skills, job-related knowledge, and relevant experience , as well as internal pay equity .

Posting Start Date:

Posting End Date (if applicable):