Analyst Cyber Security 3

We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve.  Together, we are powering the growth and success of our community progress every day!

Pay Grade

16*
Deadline to Apply: February 27, 2025

*Qualifications may warrant placement at a different job level

Position Summary

The Cyber Security Analyst will help plan and carry out security measures to protect CPS Energy information systems.  Tasks include but are not limited to the following areas:  Security and Risk Management, Asset Security, Security Architecture and Engineering, Communications and Network Security, Identify and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.

 

Tasks and Responsibilities

• Serves as an internal information security consultant to the organization.
• Contribute in the development and implementation of security policies and procedures
• Initiates, facilitates and promotes activities to create information security awareness within the organization.
• Performs information security risk assessments and serves as an internal expert for information security related issues.
• Reviews all system-related security plans throughout the organization's corporate network.
• Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager or business area.
• Supports the security incident response process.
• Provides input in selection of system software & hardware, with emphasis on security and compliance requirements.
• Provides incident and problem resolution.
• Supports development of security deliverables for enhancements to production systems and new development.
• Implements ongoing improvements to security configurations and operating procedures.
• Performs other duties as assigned.
   

Minimum Skills

Minimum Knowledge and Abilities

Strong knowledge of signature implementation impact for viruses, malware, and cyber attacksSignificant experience with malware analysis concepts and methodologies including countermeasure/mitigation design of identified security risksIn depth knowledge of information technology security principles, methods and key concepts in security management (vulnerability management, patch management, incident response)Knowledge of vulnerability information dissemination sources (alerts, advisories, bulletins)Demonstrated skill in assessing security controls based on cybersecurity principles and frameworks and experience preserving evidence integrity according to standard operating procedures or industry best practicesDemonstrated understanding of collecting data from a variety of cyber defense resources and recognizing and categorizing various types of vulnerabilities and associated attacksDemonstrated experience using security event correlation tools (SIEM)Strong ability to conduct vulnerability scans, recognize vulnerabilities in information systems and apply techniques for detecting host and network-based intrusions using various detection technologiesAbility to interpret information collected by network tools and accurately and completely source all data used in intelligence, assessment and or planning productsAbility to design incident response for cybersecurity incidents not covered by existing plans or procedures

Preferred Qualifications

• Master’s Degree, Information Systems, Information Technology, Information Technology Security, Computer Science, Management Information Systems OR Information Security
• Previous experience in information technology or security (System Administration or Help Desk)
• Strong communications skills, both written and oral
• Organized, responsive and highly thorough problem solver

Competencies

Demonstrating InitiativeInteracting with People at Different LevelsEstablishing RelationshipsWorking with AmbiguityCommunicates EffectivelyUsing Computers and Technology

Minimum Education

Bachelor's Degree in Business Administration, Information Systems, Information Technology, Information Technology Security, Computer Science, Management Information Systems or Information Security experience will be considered as a substitute for degree. Additionally, member must possess at least one active certification from the required certifications listing below.

Required Certifications

Candidate must possess at least one of the below certifications, others may be substituted depending on experienceCASP+ CE – Comptia Advanced Security Practitioner – Continuing EducationCCNP-Security – Cisco Certified Network Professional - SecurityCISA – Certified Information Systems AuditorGCIH – GIAC Certified Incident HandlerCISSP (or Associate) – Certified Information System Security Professional

Working Environment

Indoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi- functioning printer and calculator.Ability to travel to and from meetings, training sessions or other business related events. After hours work may be required.Works various fluctuating schedules to include rotating shift work, call duty, extended hours and weekends.

Physical Demands

Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time.Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations.