Description
Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities: revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers so they can remain focused on the business of water. For additional information, please visit the company website at www.neptunetg.com.
Senior Security Analyst
Position Summary
As a Senior Security Analyst, you will be a key member of Neptune's 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You'll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements.
Responsibilities:
Threat Detection & Monitoring
Monitor and analyze security alerts from SIEM and EDR platforms
Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments
Maintain high-fidelity alerting and reduce false positives through tuning
Incident Response & Management
Execute playbooks for triage, containment, and remediation of security incidents
Assist in forensic investigations and contribute to post-mortem reports
Participate in tabletop exercises and readiness drills
SIEM & Security Logging
Maintain SIEM health and ensure reliable telemetry across all assets
Develop and refine detection rules and correlation logic
Support automation and orchestration workflows for incident handling
Identity & Access Management
Monitor identity-related events for anomalies and privilege escalation attempts
Support IAM lifecycle processes and enforce least privilege principles
Threat Intelligence & Modeling
Integrate threat intelligence feeds into detection workflows
Assist in threat modeling to identify potential attack paths
Reporting & Metrics
Document incidents and provide timely updates to the SOC Manager for reporting to the parent company
Track and report operational metrics (MTTD, MTTR, alert volumes, etc.)
Security Standards & Architecture
Apply secure-by-design principles in collaboration with engineering teams
Support zero trust initiatives and network segmentation projects
Relevant Platforms (experience with several is expected):
SIEM/SecOps: e.g. Google SecOps (Chronicle)
EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra
Network Security: e.g. FortiGate NGFW, FortiSASE
Secure Browsing: e.g. Prisma
Patching & Config: e.g. Automox
Secrets Management: e.g. Keeper
Asset Management: e.g. Axonius, Cyclops
Email & Data Security: e.g. Mimecast, Microsoft Purview
Minimum Qualifications:
Bachelor's degree (or equivalent experience)
3+ years in Security Operations or Incident Response
Hands-on experience with SIEM, EDR, and threat detection
Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles
Strong analytical and communication skills
Preferred Qualifications:
Security certifications (e.g., GCIH, GCIA, CISSP)
Experience with cloud security (AWS, Azure, GCP)
Exposure to SOAR automation and scripting
Travel Requirements: Typically requires overnight travel less than 10% of the time.
Location: Duluth, GA; Tallassee, AL
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.