Security Analyst Skills & Competency Framework

Mid-level | Energy | 8 competencies

What skills does a mid-level Security Analyst in Energy need?

A mid-level Security Analyst in energy leads critical infrastructure protection programs spanning IT and OT environments across power generation, transmission, and distribution operations. This role requires advanced expertise in industrial control system security, NERC CIP compliance program management, and the ability to coordinate security initiatives across engineering, operations, and IT teams. Mid-level analysts drive threat detection improvements for OT networks, lead incident investigations with physical safety implications, and contribute to the convergence of IT and OT security operations. The framework reflects the heightened responsibility of defending systems where cyber attacks can cause physical harm and widespread service disruption.

Core Competencies

Primary Skills

OT Threat Detection & Hunting

technical

Advanced capability to detect and investigate threats within operational technology environments including SCADA, DCS, and energy management systems. Involves deploying OT-specific monitoring tools, analyzing industrial protocol traffic, and hunting for indicators of compromise from nation-state actors targeting energy infrastructure.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Expert (5/5)

NERC CIP Program Management

operational

Ownership of compliance programs ensuring adherence to NERC CIP standards across bulk electric system cyber assets. Includes managing evidence collection, preparing for NERC audits, tracking remediation of violations, and adapting compliance processes to evolving CIP standard versions.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Expert (5/5)

IT/OT Convergence Security

technical

Expertise in managing the security challenges of converging IT and OT environments. Includes designing unified security monitoring across enterprise and industrial networks, managing data diodes and cross-domain solutions, and ensuring security tools do not disrupt industrial process operations.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Expert (5/5)
Supporting Competencies

Additional Skills

Critical Infrastructure Incident Response

operational

Leadership of incident response activities where cyber events may impact physical energy infrastructure, including coordinating with plant operators, implementing manual overrides, engaging CISA and sector-specific agencies, and managing incidents under TSA Pipeline Security Directives when applicable.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Expert (5/5)

Industrial Network Architecture Security

technical

Capability to assess and improve the security of industrial network architectures based on ISA/IEC 62443 zones and conduits, Purdue model segmentation, and emerging industrial DMZ patterns. Includes managing firewall rules between IT and OT zones and implementing secure remote access for OT environments.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Advanced (4/5)

Cross-Functional Collaboration

interpersonal

Effectiveness in working with operations engineers, plant managers, and control system vendors who may not have cybersecurity backgrounds. Includes translating security requirements into operational language and building trust-based relationships with OT personnel.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Advanced (4/5)

Energy Sector Threat Intelligence

analytical

Proficiency in consuming and operationalizing threat intelligence specific to the energy sector, including E-ISAC advisories, ICS-CERT alerts, and intelligence about threat groups such as Sandworm and Volt Typhoon that actively target energy infrastructure.

Entry-Level: Basic (1/5)
Mid-Level: Proficient (3/5)
Senior: Advanced (4/5)

Security Awareness for Operations Staff

interpersonal

Ability to develop and deliver security training programs tailored to plant operators, field technicians, and control room staff. Involves creating practical exercises that demonstrate cyber threats in operational contexts without disrupting production or safety systems.

Entry-Level: Basic (1/5)
Mid-Level: Developing (2/5)
Senior: Advanced (4/5)

Generated by Kaairo's Competency Framework Generator on March 24, 2026