Cybersecurity Analyst
Diamondback Energy · Oklahoma City, OK · 3 wk ago
Information TechnologyFull-time
Job Responsibilities
- Troubleshoot and resolve escalated cybersecurity support tickets.
- Support incident response efforts, including investigation, containment, eradication, and recovery.
- Develop and enhance security orchestration and automation playbooks to improve detection and response.
- Collaborate with cross-functional teams to design, build, and deploy secure systems and frameworks.
- Conduct vulnerability scans, security audits, and testing to ensure compliance and security hygiene.
- Track, prioritize, and remediate security vulnerabilities and risks identified through assessments.
- Support security assessments and risk evaluations of third-party vendors and internal applications.
- Affiliate with Identity and Access Management (IAM) controls implementation and administration.
- Promote cybersecurity awareness and analyze security trends to improve overall security posture.
- Provide cross-functional support, maintain relationships across teams, and participate in on-call coverage as needed.
Required Qualifications
- Bachelor’s degree (BBA or BS) in Management Information Systems, Computer Science, or a related field, or a minimum of 4 years of equivalent experience.
- At least 3+ years of cybersecurity experience.
- Working knowledge of common cybersecurity frameworks and standards (e.g., NIST, CIS, ISO 27001).
- Working knowledge of Security Information and Event Management (SIEM) solutions.
- Understanding of computer networking concepts, protocols, and network security methodologies.
- Working knowledge of firewall operations.
- CompTIA Security+ or another active entry-level cybersecurity certification.
Preferred Qualifications
- Experience with intrusion detection, NetFlow and log analysis, and rule/signature development, as well as programming or scripting.
- Experience implementing Identity and Access Management (IAM) concepts, including Segregation of Duties (SoD), RBAC, least privilege, and access governance.
- Working knowledge of cybersecurity program components such as policy development, application security, network security, incident response, disaster recovery, operational security, and end-user education.
- Strong written and verbal communication skills, with the ability to clearly articulate technical issues and solutions to non-technical stakeholders and leadership.