John Mase

• Monitored and provided analysis of security event data from a large number of heterogeneous security devices such as: Security Impact and Event Management (SIEM) systems, Intrusion Detection and Prevention systems, Anti-malware infrastructure, Secure Configurations, vulnerability scanners, etc.
• Recognized potential and successful/unsuccessful intrusion attempts and compromises thorough review and analysis of relevant event information. Escalated intrusions and compromises to NYISO's systems (network, applications, etc) to the CSIRT as needed.
• Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to software and hardware vulnerabilities.
• Investigate, document and report on information security issues and emerging trends.
• This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations. Analysts are required to work shift rotations to support around the clock (24x7x365) coverage of the CSOC.

Responsibilities:

• Provides proactive monitoring of the NYISO information technology and cyber security infrastructure at multiple locations, including hardware, software, networks, applications and services.
• Identifies and responds to events, incidents and problems using best practices, guidelines and procedures.
• Participates in cyber security event and incident identification, coordination and support of NYISO’s Cyber Security Incident Response Plan and Teams (CSIRP/CSIRT), and assists with cyber security incident management processes and procedures.
• Ensures compliance is maintained for NYISO policies and procedures along with Statement on Standards for Attestation Engagements (SSAE) No. 16 and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) controls.
• Provides service support and coordination for IT support Tiers 1-3 and properly logs all support requests, events, incidents, problems, and activities into service management application and EOC log.

Responsibilities:

• Assess and troubleshoot network issues based on SNMP alerts and on-site staff
• Establishes the nature of outages and single points of failure through ISP and third-party vendor contacts
  
• Fully documents troubleshooting steps taken in related tickets, as well as detailed accounts of communications with clients, end users, and third-party vendors
  
• Provides excellent communication skills, both externally and internally, to ensure swift issue resolutions