Security Analyst

Security Analyst

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water.

As a Security Analyst within Neptune's Security Operations Center (SOC), you will be responsible for monitoring, investigating, and responding to cybersecurity threats across Neptune's enterprise environment. You will investigate escalated alerts and detections, support incident response activities, coordinate with IT Operations and Engineering teams, and assist with the administration, configuration, and tuning of security tools.

The Security Analyst plays a critical role in protecting Neptune's systems, users, data, and business operations by identifying, containing, and mitigating cyber threats while supporting the continuous improvement of Neptune's security monitoring and response capabilities.

Responsibilities:

• Monitor security events, alerts, and detections across Neptune's security platforms
• Investigate escalated alerts and suspicious activity identified through security monitoring tools
• Analyze security events to determine legitimacy, impact, and required response actions
• Identify indicators of compromise, malicious activity, and emerging threats
• Perform threat hunting activities to proactively identify potential security risks
• Monitor security dashboards and ensure timely response to security events

Incident Response & Investigation:

• Participate in cybersecurity incident response activities, including investigation, containment, eradication, and recovery
• Perform initial triage and analysis of security incidents
• Collect and analyze forensic artifacts, logs, and endpoint telemetry during investigations
• Document findings, response actions, and lessons learned
• Escalate incidents appropriately based on severity and impact
• Support root cause analysis and post-incident reviews

Security Operations & Collaboration:

• Coordinate with IT Operations, Infrastructure, Engineering, and Application teams during investigations and remediation activities
• Support vulnerability management efforts by identifying and tracking remediation activities
• Assist with security reviews of systems, applications, and infrastructure
• Participate in security projects and operational initiatives
• Support security awareness and operational readiness efforts
• Collaborate with Neptune's MSSP and third-party security partners during investigations

Security Tool Administration & Engineering:

• Support the configuration, administration, maintenance, and tuning of security tools
• Assist with detection rule creation, tuning, and optimization
• Validate security telemetry and log ingestion across monitoring platforms
• Support security automation and orchestration initiatives
• Participate in the deployment and implementation of new security technologies
• Assist with dashboard creation, reporting, and security metrics development

Compliance & Governance Support:

• Support compliance initiatives aligned with NIST, CIS Controls, ISO 27001, and Roper Cybersecurity requirements
• Assist with audit requests, evidence collection, and security documentation
• Maintain incident records, procedures, and operational runbooks
• Support continuous improvement of SOC processes and procedures

Relevant Platforms (experience with several expected):

• CrowdStrike Falcon
• Google SecOps (Chronicle)
• Microsoft Defender
• SIEM Platforms
• Endpoint Detection and Response (EDR) Platforms
• Security Orchestration, Automation, and Response (SOAR)

Minimum Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
• 2+ years of experience in cybersecurity, security operations, IT operations, or related technical field
• Experience investigating security alerts, detections, and incidents
• Understanding of security concepts including malware, phishing, identity attacks, vulnerabilities, and network security
• Familiarity with SIEM, EDR, and security monitoring platforms
• Strong analytical and problem-solving skills
• Excellent written and verbal communication skills
• Ability to work independently and collaboratively within a team environment

Preferred Qualifications:

• 3+ years of Security Operations Center (SOC) experience
• Experience with CrowdStrike Falcon, Google SecOps, Microsoft Defender, or similar platforms
• Experience with incident response and digital forensics investigations
• Experience with vulnerability management programs
• Familiarity with MITRE ATT&CK Framework
• Experience with cloud security technologies and environments
• Knowledge of NIST Cybersecurity Framework and CIS Controls
• Experience with scripting or automation (PowerShell, Python)

Certifications (One or More Preferred):

• Security+
• CySA+
• GSEC
• GCIH
• GCIA
• CISSP (Associate or Full)
• SC-200
• SC-900
• CrowdStrike Certifications
• Google SecOps Certifications

Years of Experience (IT, Security & Compliance): 2–5 years of Information Technology, Cybersecurity, Security Operations, Compliance, or Incident Response experience

Education: Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field preferred. Equivalent military, technical, or professional experience will be considered.

Travel Requirements: Typically requires overnight travel less than 10% of the time.

Location: Duluth, GA, Tallassee, AL

Equal Opportunity Employer EEO/AA M/F/Vet Disability