Analyst PG Op Technology Security 3
San Antonio, TX, US, 78205
We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve. Together, we are powering the growth and success of our community progress every day!
Deadline to Apply: February 5, 2025
Power Generation: Calaveras Plant Location: San Antonio, TX
Pay Grade
14
**Qualifications may warrant placement in a different job level.**
Position Summary
Power Generation Cyber Security Analyst (PGCSA) ensures the integrity and availability of Industrial Control Systems (ICS) throughout the Power Generation fleet. PGCSA develops and implements secure ICS architectures to enable effective cyber security controls, monitoring capabilities and Operational reliability.
Tasks include but are not limited to the following: ICS Architecture design, Cyber Security and Risk Management, Communications and Network Security, Security Assessment and Testing, Maintain Cyber Security Programs, Subject Matter Expert for applicable regulatory obligations/audits.
PGCSA is expert in the various ICS architectures and Cyber Security of deployed generation. PGCSA designs and implements changes to respective Power Generation ICS landscapes ensuring Cyber Security from field devices to Control Room. PGCSA evaluates new and emerging technology associated with ICS deployments for security flaws and develops risk informed mitigations. PGCSA follows and interprets regulatory language in order to incorporate corresponding controls to support changes in the regulatory landscape.
Tasks and Responsibilities
- Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recovery/restoration.
- Ensure that acquired or developed systems and architectures are consistent with the organization's cybersecurity architecture guidelines.
- Analyze candidate architectures, allocate security services, and select security mechanisms.
- Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
- Integrate results regarding the identification of gaps in security architecture.
- Document how the implementation of a new system or new interface between systems impacts the current and target environment including but not limited to security posture.
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Determine the protection needs (i.e., security controls) for the ICS(s) and network(s) and document appropriately.
- Perform system administration on specialized ICS applications and systems to include installation, configuration, maintenance, backup, and restoration.
- Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls/intrusion prevention systems).
- Analyze Power Generation's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
- Conduct required reviews as appropriate within environment (e.g., TSCM).
- Perform technical and nontechnical risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
- Ensure that the application of security patches for commercial products integrated into system design meets the timelines dictated by the management authority for the intended operational environment.
- Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Implement specific cybersecurity countermeasures for systems and/or applications.
- Integrate automated capabilities for updating or patching system software where practical and develop processes and procedures for manual updating and patching of system software based on current and projected patch timeline requirements for the operational environment of the system.
- Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
- Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance.
- Proficient at Audit preparation, drafting Audit responses and Audit SME interviews.
- Initiate and Manage Projects.
- Manage and maintain budgets.
- Manage contracts.
Minimum Skills
Minimum Knowledge and Abilities
- Strong skills in cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability).
- Strong skills in network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Strong skills in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Skill in applying and incorporating technologies into proposed solutions.
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Strong skills in computer networking concepts and protocols, and network security methodologies.
- Strong skills in cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Strong skills in Operational technology (OT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Strong skills in how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI]).
- Strong skills in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Strong skills in laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
- Skill in using virtual machines (e.g., Microsoft Hyper-V, VMWare vSphere, etc.).
- Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
- Skilled in Audit preparation, drafting Audit responses and Audit SME interviews.
- Skilled in technical writing.
- Skill in Audit preparation.
- Knowledge of Project Management Methodologies.
- Knowledge of Budgeting.
- Ability to lead initiatives to successful conclusion within stated timelines and budget.
Preferred Qualifications
- Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
- Knowledge of penetration testing principles, tools, and techniques.
- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
- Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- Strong oral/written communication skills.
- Relevant certification(s) in Cybersecurity such as:
  - CASP - CompTIA Advanced Security Practitioner
  - CCNA/CCNP - Cisco Certification
  - CISSP - Certified Information System Security Professional
  - CISA - Certified Information Systems Auditor
  - GCIH - GIAC Certified Incident Handler
Competencies
- Demonstrating Initiative
- Establishing Relationships
- Communicates Effectively
- Interacting with People at Different Levels
- Working with Ambiguity
- Using Computers and Technology
Minimum Education
Bachelor’s Degree in Information Systems, Information Tech, Information Tech Security, Computer Science, Management Information Systems, Engineering or related degrees; or previous experience in Industrial Control System/Operational Tech, Information Security.
Required Certifications
Working Environment
Indoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi-functioning printer and calculator.
Ability to travel to and from meetings, training sessions or other business related events.
Physical Demands
Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body.
Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations.