Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water. For additional information, please visit the company website at www.neptunetg.com.

Senior Security Analyst

Position Summary

As a Senior Security Analyst, you will be a key member of Neptune’s 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You’ll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements.

Responsibilities:

Threat Detection & Monitoring

• Monitor and analyze security alerts from SIEM and EDR platforms
• Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments
• Maintain high-fidelity alerting and reduce false positives through tuning

Incident Response & Management

• Execute playbooks for triage, containment, and remediation of security incidents
• Assist in forensic investigations and contribute to post-mortem reports
• Participate in tabletop exercises and readiness drills

SIEM & Security Logging

• Maintain SIEM health and ensure reliable telemetry across all assets
• Develop and refine detection rules and correlation logic
• Support automation and orchestration workflows for incident handling

Identity & Access Management

• Monitor identity-related events for anomalies and privilege escalation attempts
• Support IAM lifecycle processes and enforce least privilege principles

Threat Intelligence & Modeling

• Integrate threat intelligence feeds into detection workflows
• Assist in threat modeling to identify potential attack paths

Reporting & Metrics

• Document incidents and provide timely updates to SOC Manager for reporting to parent company
• Track and report operational metrics (MTTD, MTTR, alert volumes, etc.)

Security Standards & Architecture

• Apply secure-by-design principles in collaboration with engineering teams
• Support zero trust initiatives and network segmentation projects

Relevant Platforms (experience with several is expected):

• SIEM/SecOps: e.g. Google SecOps (Chronicle)
• EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra
• Network Security: e.g. FortiGate NGFW, FortiSASE
• Secure Browsing: e.g. Prisma
• Patching & Config: e.g. Automox
• Secrets Management: e.g. Keeper
• Asset Management: e.g. Axonius, Cyclops
• Email & Data Security: e.g. Mimecast, Microsoft Purview

Minimum Qualifications:

• Bachelor’s degree (or equivalent experience)
• 3+ years in Security Operations or Incident Response
• Hands-on experience with SIEM, EDR, and threat detection
• Familiarity with NIST, ISO, MITRE ATT& CK, and zero trust principles
• Strong analytical and communication skills

Preferred Qualifications:

• Security certifications (e.g., GCIH, GCIA, CISSP)
• Experience with cloud security (AWS, Azure, GCP)
• Exposure to SOAR automation and scripting
• Travel Requirements: Typically requires overnight travel less than 10% of the time.

Travel Requirements: Typically requires overnight travel less than 10% of the time.

Location: Duluth, GA, Tallassee, AL

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.