Analyst, Cybersecurity Threats & Risks
Enterprise Products · Greater Houston · 2 days ago
On-siteEngineeringFull-time
What You Will Be Doing
Implement and support leading technologies as a member of Enterprise Products’ IT team. Gain valuable experience with exposure to challenging and dynamic projects in all aspects of our business.
Join our highly experienced network of professionals and connect with our creative team.
Responsibilities
- Work within the IT Security & Compliance organization to identify, analyze, and help mitigate cybersecurity risks and threats affecting the organization’s systems, data, and operations.
- Assess cyber risk and monitor threat actor activity by analyzing security events, vulnerability data, threat intelligence, and security control effectiveness across infrastructure, applications, cloud, endpoint, and data environments.
- Work closely with cyber engineering, cyber architecture, cyber operations, and risk management teams to support detection, investigation, and response efforts, while contributing to a broader understanding of the organization’s risk posture and threat landscape.
- Collaborate with IT and business teams to support remediation efforts, improve security visibility, and strengthen day-to-day security operations.
Other Responsibilities Include, But Are Not Limited To
- Participate in cyber risk and threat analysis activities, including risk assessments, threat monitoring, threat modeling, vulnerability analysis, and evaluation of security control effectiveness.
- Analyze security alerts, threat intelligence, vulnerability data, and logs to identify potential threats, control gaps, and emerging risks.
- Document risk findings, threat activity, investigation results, and remediation recommendations in accordance with established risk management standards.
- Support threat investigations and incident response efforts through analysis, evidence collection, and impact assessment.
- Conduct and support vulnerability and threat assessments, including tracking risks and validating remediation efforts.
- Aid with third-party and vendor risk assessments by reviewing documentation and identifying potential risk exposures.
- Develop and document assessment procedures, test cases, and validation steps used to evaluate security controls.
- Identify opportunities to improve threat visibility, risk detection, and analytical workflows.
- Perform root cause analysis for security incidents, control failures, or recurring threat patterns.
- Adhere to change management, incident handling, and security governance policies.
- Monitor environments during significant changes or maintenance activities for potential risk or threat impact.
- Prepare risk and threat summaries for review by senior analysts, managers, and cross-functional teams.
- Collaborate closely with cyber engineering, architecture, and operations teams to support remediation and control improvements.
What Your Background Should Look Like (Minimum Qualifications)
- A college or technical school degree is preferred.
- Experience working in enterprise IT or security environments with diverse technologies and integrations.
- Foundational knowledge and experience in cyber risk and threat analysis concepts, threat detection and vulnerability assessments, as well as common security controls across infrastructure, applications, cloud, endpoint, and data environments.
- Working knowledge of security tools and platforms such as SIEM, vulnerability scanners, threat intelligence platforms, or GRC tools.
- Understanding of common threat frameworks and methodologies (e.g., NIST, MITRE ATT&CK).
- 2–5 years of applicable professional experience that substantially includes the following:
- Cyber threat analysis, vulnerability assessment, or security operations support.
- Reviewing and analyzing security alerts, logs, and threat intelligence.
- Documenting risk findings, investigations, and remediation recommendations.
- Experience supporting incident response, investigations, or post-incident analysis.
- Experience assisting with third-party or vendor risk assessments.