Cybersecurity Analyst I

Arizona Public Service generates reliable, affordable and clean energy for 2.7 million Arizonans. As the state’s largest and longest-serving energy provider, our more than 6,000 dedicated employees power our vision of creating a sustainable energy future for Arizona.

Summary

The Cyber Security Analyst I is responsible for protecting the confidentiality, integrity and availability of our customer's personal data, ensuring the reliability of the electric system by defining, assessing and reporting on adherence to cyber security controls and policies

Minimum Requirements

• Bachelors' degree in Computer Information Systems (CIS) or related field
• And one (1) year of prior relevant experience or equivalent combination of education and directly related experience.
• Requires entry level technical subject matter knowledge within a job area or system

Preferred Special Skills, Knowledge or Qualifications:

• Experience designing, implementing, and maintaining IT security controls, utilizing NIST 800-53, NERC Critical Infrastructure Protection and other frameworks.
• Knowledgeable in network and systems security and monitoring; security and malware detection and prevention technologies; programming and scripting languages; firewall configurations; vulnerability risk assessments and remediation; infrastructure design and architectural direction; cyber-crime and cyber-attacks; regulatory requirements and standards; communication protocols.
• Familiar with vulnerability management technologies utilized for scanning systems and applications for known vulnerabilities.
• Preferred certifications: COMPTIA (Security+, Network+); SANS/GIAC (GSEC, GPPA, GISF, GISP); ISACA (CRISC).
• Ability to speak to audiences on topical security matters such as, phishing, ransomware, energy sector cyber-attacks, password management, safe browsing habits, and data privacy issues.

Major Accountabilities

1) Executes procedures for security vulnerability management to identify, assess, communicate, and provide recommended remediation strategies to key stakeholders based on vulnerability scan results.

2) Assists in the implementation and written communication of Information Security policies, processes, procedures, and security controls.

3) Implements technical standards, procedures and guidelines.

4) Assists in developing trainings for targeted system users.

5) Assists in performing compliance audits.

6) Support the execution of IT system risk management methodologies.

7) Reports system weakness and recommends improvements.

8) Participates in cyber security incident response trainings and exercises.

9) Actively participates in APS' internal security awareness program speaking to small, medium, or large audiences on topical security matters such as phishing, ransomware, energy sector cyber-attacks, password management, safe browsing habits, and data privacy issues.

Export Compliance / EEO Statement

This position may require access to and/or use of information subject to control under the Department of Energy's Part 810 Regulations (10 CFR Part 810), the Export Administration Regulations (EAR) (15 CFR Parts 730 through 774), or the International Traffic in Arms Regulations (ITAR) (22 CFR Chapter I, Subchapter M Part 120) (collectively, 'U.S. Export Control Laws'). Therefore, some positions may require applicants to be a U.S. person, which is defined as a U.S. Citizen, a U.S. Lawful Permanent Resident (i.e. 'Green Card Holder'), a Political Asylee, or a Refugee under the U.S. Export Control Laws. All applicants will be required to confirm their U.S. person or non-US person status. All information collected in this regard will only be used to ensure compliance with U.S. Export Control Laws, and will be used in full compliance with all applicable laws prohibiting discrimination on the basis of national origin and other factors. For positions at Palo Verde Nuclear Generating Stations (PVNGS) all openings will require applicants to be a U.S. person.

Pinnacle West Capital Corporation and its subsidiaries and affiliates ('Pinnacle West') maintain a continuing policy of nondiscrimination in employment. It is our policy to provide equal opportunity in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. This policy of nondiscrimination shall include, but not be limited to, recruiting, hiring, promoting, compensating, reassigning, demoting, transferring, laying off, recalling, terminating employment, and training for all positions without regard to race, color, religion, disability, age, national origin, gender, gender identity, sexual orientation, marital status, protected veteran status, or any other classification or characteristic protected by law.

For more information on applicable equal employment regulations, please refer to EEO is the Law poster. Federal law requires all employers to verify the identity and employment eligibility of every person hired to work in the United States, refer to E-Verify poster. View the employee rights and responsibilities under the Family and Medical Leave Act (FMLA).

Arizona Public Service is a smoke free workplace.

Hybrid: Employees in hybrid roles work both in their home offices (virtually) and alongside their colleagues (in person).

In order for employees to build strong relationships and to promote meaningful in-person interactions, hybrid employees are expected to work about 40% of their time in-person at an APS or other (non-home office) location.

*Employees are expected to reside in Arizona (or New Mexico for Four Corners-based employees). 

*Working from a home office requires adequate technology and an appropriate ergonomic set up. 

*Role types are subject to change based on business need.