Salary Range: $69,463 - $130,111
Relocation: No
About Us
Oncor Electric Delivery Company LLC, headquartered in Dallas, is a regulated electricity transmission and distribution business that uses superior asset management skills to provide reliable electricity delivery to consumers. Oncor (together with its subsidiaries) operates the largest transmission and distribution system in Texas, delivering power to nearly 4 million homes and businesses and operating more than 144,000 miles of transmission and distribution lines in Texas.
Summary
Responsible for ensuring the safety of client and server systems, networks, applications, databases, and electronic information, and for protecting systems from security violations, unauthorized access, or destruction. Assists with implementing Information Technology (IT) security policies covering protocols, applications, networks, client and server systems, personnel, and other risk management mechanisms.
We are considering applicants with multiple experience levels. Please review all details related to responsibilities, education, and experience level for each level of consideration.
Analyst Level I
Key Roles & Responsibilities
- Performs all essential functions and aspects of the job, including any other specific job requirements.
- Monitors and reviews security alerts generated by various security tools, such as Security Information and Event Management (SIEM), application whitelisting, Intrusion Prevention Systems (IPS), firewalls, and phishing tools, to identify potential security incidents.
- Analyzes logs, network traffic, endpoint data, and other security events to identify Indicators of Compromise (IOCs) and determine whether an alert requires further investigation or escalation.
- Performs initial triage of alerts to determine validity, severity, and priority by analyzing logs, event data, and basic threat indicators.
- Differentiates between true positives, false positives, and benign events to reduce unnecessary escalations.
- Works with Tier 3 Analysts to perform alert tuning, false positive reduction, and the development of new detection use cases.
- Assists in the development and refinement of Standard Operating Procedures (SOPs) and incident response playbooks based on feedback and lessons learned from prior incidents and investigations.
- Coordinates with email and messaging, network, and other teams to implement containment measures.
- Provides feedback on tool performance and alert quality to Tier 2 Analysts and security engineers.
- Participates in ongoing training sessions, simulations, and exercises to develop cybersecurity skills.
- Pursues higher education and certifications in cybersecurity.
- Ensures all actions and decisions are documented in the Security Operations Center (SOC) ticketing system.
- Beginner-level certifications preferred, including Network+, Security+, and Cybersecurity Analyst+ (CySA+).
- Knowledge of cybersecurity fundamentals, including networking protocols, operating systems, and security architecture.
- Experience with security tools such as SIEM, email security, IPS, web security, application whitelisting, Endpoint Detection and Response (EDR), Security Orchestration, Automation, and Response (SOAR), and anomaly detection tools.
- Strong verbal and written communication skills.
- Ability to work collaboratively.
- High School Diploma, GED, or equivalent is required.
- Bachelor’s degree encouraged to apply.
- One to two years of cybersecurity experience required.
Analyst Level II
Key Roles & Responsibilities (In Addition To Above Responsibilities)
- Serves as escalation point for Tier 1 Analysts.
- Conducts in-depth analysis of escalated alerts.
- Makes real-time decisions on escalation and remediation.
- Reviews and validates work performed by Tier 1 Analysts.
- Performs alert tuning and detection improvement.
- Mentors analysts and provides feedback.
- Communicates findings to SOC leadership.
- Mid-tier certifications preferred, including Security+, CySA+, Certified Ethical Hacker (CEH), and Offensive Security Certified Professional (OSCP).
- Experience with advanced security analysis.
- Cloud security experience encouraged.
- Strong communication skills.
- Availability for 24/7 on-call support.
- High School Diploma, GED, or equivalent is required.
- Bachelor’s degree encouraged to apply.
- Three to four years of cybersecurity experience required.
- SOC experience encouraged to apply.
Analyst Level III
Key Roles & Responsibilities (In Addition To Above Responsibilities)
- Oversees SOC shift operations.
- Acts as senior escalation point.
- Manages high-severity incidents.
- Reviews analyst investigations for quality.
- Develops and improves detection use cases.
- Conducts training and simulations.
- Coordinates with other SOC teams.
- Advanced certifications preferred, including CySA+, CEH, and OSCP.
- Deep cybersecurity expertise.
- Experience developing SOC processes.
- Strong leadership and communication skills.
- Availability for 24/7 on-call support.
- High School Diploma, GED, or equivalent is required.
- Bachelor’s degree encouraged to apply.
- Five to six years of cybersecurity experience required.
- Two to three years of SOC experience encouraged.
Lead Analyst
Key Roles & Responsibilities (In Addition To Above Responsibilities)
- Leads SOC operations and investigations.
- Oversees analyst performance, scheduling, and development.
- Drives continuous improvement initiatives.
- Coordinates detection development with engineering teams.
- Provides leadership reporting and shift summaries.
- Acts as advocate for cybersecurity best practices.
- Advanced certifications preferred, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CEH, OSCP, Global Incident Handler (GCIH), and Global Information Assurance Certification (GIAC).
- Expert knowledge of security operations and architecture.
- Strong leadership and communication skills.
- Availability for 24/7 on-call support.
- High School Diploma, GED, or equivalent is required.
- Bachelor’s degree encouraged to apply.
- Seven to eight years of cybersecurity experience required.
- SOC and supervisory experience encouraged to apply.
- Demonstrates adaptability and agility.
- Improves key performance indicators.
- Meets organizational timelines and service level agreements.
- Collaborates across business units.
- Demonstrates professionalism with stakeholders.
Note: The above statements describe the general nature and level of the work performed. This position may require 24x7 on-call support, including nights, weekends, and holidays.
Benefits
At Oncor, we offer a comprehensive set of benefits, compensation and performance management programs designed specifically to attract, retain, motivate and reward our high-performing workforce. Our supportive and inclusive culture allows every team member the opportunity to thrive and make a difference. We invest in our employees' success and well-being by offering such things as:
- Annual incentive program.
- Competitive health and welfare benefits (medical, dental, vision, life insurance).
- Ability to earn wellness incentives (up to $2,300 in 2026 as an Employee only) and other wellbeing resources.
- 401k with dollar-for-dollar company match up to 6%.
- 401k match for student debt program.
- Cash balance pension plan.
- Tuition reimbursement.
- Competitive vacation, 10 company holidays and 2 personal holidays.
- Paid parental leave.
- Other perks such as commuter benefits, electric vehicle incentive program, appliance purchase plan.
Participation in benefit programs for employees in collective bargaining units is subject to the applicable collective bargaining agreement.