Associate Information Security Analyst – Columbia SC

Dominion Energy is committed to providing reliable, affordable, and increasingly clean energy that powers our customers every day. If you want to work for a purpose-driven company that values safety and collaboration, we’re looking for you. You won’t just find a job here; you’ll find your career. Review the position below and apply today. We offer a hybrid work schedule (one week in the office, one week of teleworking) to accommodate the need for flexibility.

Military service members and veterans with ranks from E3-E5, W1-W2, or O1-O3, plus appropriate equivalent combination of education and years of experience as outlined below will be considered for this opportunity. At this time, Dominion Energy cannot transfer or sponsor a work visa or employment authorization for this position. This position does not offer relocation assistance.

Under direct supervision, the candidate assists in administering policies and procedures that safeguard information assets from intentional or inadvertent access or destruction. The role works with an individual business unit in a specific platform environment on specific project assignments, with closely monitored work to avoid errors that may cause delay, expense, and disruption. This position is part of the IT Security compliance group.

• Conduct regular vulnerability assessments using automated scanning tools to identify security weaknesses, out-of-date versions, and vulnerable systems across our IT infrastructure operations.
• Analyze scan results and assess vulnerabilities regarding severity, impact, and potential risk to the infrastructure and collaborate with IT teams and application owners to prioritize and coordinate remediation via patching and/or mitigation controls.
• Generate accurate and concise vulnerability assessment reports, including vulnerability exposure, risk, and remediation progress.
• Analyze and monitor technical controls to ensure that specific security controls are managed and maintained.
• Help develop and maintain a security metrics dashboard.
• Assist in developing and updating vulnerability management procedures and processes and enforce those procedures and processes.
• Review patch management data and report gaps to responsible groups to conduct risk mitigations.
• Report control failures and gaps to stakeholders; provide remediation guidance and prepare management reports to track remediation activities.
• Apply a risk‑based approach in identifying, executing, and reporting to stakeholders for mitigation.
• Research, analyze, and troubleshoot information system compliance and security issues.
• Stay up to date with the latest vulnerabilities, exploits, security trends, and general technology changes to provide guidance on how these affect security of the business.

• 0–2 years of directly related experience.
• Diverse knowledge of information security and the ability to clearly present and communicate technical subjects to various audiences.
• Basic understanding of risk assessment methodologies and ability to evaluate vulnerabilities’ potential impact to the IT infrastructure operations.
• Detail‑oriented approach to analyzing scan results and identifying false positives.
• Knowledge of cybersecurity principles and solutions.
• Basic experience in Information Technology and business analysis.
• Strong analytical and critical‑thinking skills.
• Ability to work independently and collaboratively across teams.
• Excellent organizational skills with strict attention to detail.
• Creatively developing approaches to problems and recommending actions to management.

• Proficiency with vulnerability scanning tools such as Tenable Security Center.
• Experience with Microsoft SQL and Oracle databases.
• Experience with Microsoft Power Tools.
• Experience with regex and Microsoft Power Shell.
• Experience with Microsoft Endpoint Configuration Manager (SCCM) and Group Policies (GPO).
• Experience with NIST Common Vulnerability Scoring System (CVSS).

Bachelor’s degree or an equivalent combination of education and demonstrated related experience; preferred disciplines include Computer Science, Computer…