Cyber Security Operations Analyst / Senior Cyber Security Operations Analyst – Vulnerability Management

Integrated Operations Center, United States

Portland General Electric

PGE Oregon is delivering a new kind of energy. One that energizes lives, strengthens communities and drives enhancements that promote social, economic and environmental progress. It’s an Oregon kind of energy. And it’s here for us all.


At PGE, our work involves dreaming about, planning for, and realizing a smarter, cleaner, more enduring Oregon neighborhood. It’s core to our DNA and we haven’t stopped since we started in 1888. We energize lives, strengthen communities and drive advancements in energy that promote social, economic and environmental progress. We’re always on the lookout for people passionate about leading and being a part of teams that are advancing innovative clean energy solutions that are also affordable and accessible to all.

Summary:

As a Cyber Security Operations Analyst – Vulnerability Management, you will have the unique opportunity to join our dynamic Threat Defense team focused on preventing vulnerabilities from becoming threats to PGE.

This role will focus on managing vulnerabilities and gaps that affect Technology, Data Security, and our Cyber Resilience posture, to ensure we are mitigating issues before they become exploitable within our environment.

As part of the role, you will support the following:

  • Mature our enterprise vulnerability management practices and awareness.

  • Present critical security and configuration deficiencies, security benchmark deviations, and solutions to diverse audiences focusing on mitigation/prevention/remediation.

  • Facilitate exercises/tests to uncover technology or process gaps.

  • Collaborate with other Business Units, Technology and Cyber organizations to build an encompassing practice to effectively manage our vulnerabilities.

The work we do is core to safeguarding our mission in delivering clean, reliable, and affordable energy to our community.

We're hiring for a position open to both Cyber Security Operations Analyst and Senior Cyber Security Operations Analyst candidates. The level will be determined based on the successful applicant's qualifications, experience, and demonstrated skills during the interview process.

Career Level Summary:

Cyber Security Operations Analyst (Grade 7, Career Level: P3 - Career Professional)

Responsible for security and compliance, installation, implementation, monitoring, incident response, vulnerability assessments, security controls testing, configuration management, and managing security systems and tools. Implements and analyzes connectivity activities required for security, installation, and integration. May have responsibility for adherence to compliance programs for critical infrastructure, and creation of documentation suitable for audit.

Senior Cyber Security Operations Analyst (Grade 8, Career Level: P4 - Specialist Professional)

Performs specialized work with depth and breadth of expertise in security operations. Solves complex problems and recommends best practices across broad technology domains. Leads projects and consults on high-impact areas. May provide leadership to functional teams.

Key Responsibilities:

Cyber Security Operations Analyst

  • Information Security - Performs security risk, vulnerability assessments and business impact analysis for medium complexity information systems. Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural, and technical security controls. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.

  • Vulnerability Research - Plans and manages vulnerability research activities. Maintains a strong external network in vulnerability research. Gathers information on new and emerging threats and vulnerabilities. Assesses and documents the impacts and threats to the organization. Creates reports and shares knowledge and insights with stakeholders. Provides expert advice and guidance to support the adoption of tools and techniques for vulnerability research. Contributes to the development of organizational policies, standards, and guidelines for vulnerability research and assessment.

  • Vulnerability Assessments - Collates and analyses catalogues of information and technology assets for vulnerability assessment. Performs vulnerability assessments and business impact analysis for medium complexity information systems. Contributes to selection and deployment of vulnerability assessment tools and techniques.

  • Secure Configuration Management - Facilitates input from stakeholders, provides constructive challenge and enables effective prioritization of security frameworks and benchmark requirements to manage and audit configurations against. Establishes requirements baselines, obtains formal agreement to requirements, and ensures traceability to source.

  • Security Operations - Monitors the application and compliance of operational procedures. Reviews actual or potential security vulnerabilities and ensures that they are promptly and thoroughly investigated, contributes to their resolution, checking that they are mitigated in accordance with agreed standards and procedures.

  • Incident Response - Responds to and records security breaches and action taken. Identifies, registers, and categorizes incidents. Gathers information to enable incident resolution and promptly allocates incidents as appropriate. Maintains records and advises relevant persons of actions taken.

  • Applications Support - Identifies and resolves issues with applications. Uses application management software and tools to collect agreed performance statistics. Carries out agreed application maintenance tasks.

  • Penetration Testing - Selects appropriate testing approach using in-depth technical analysis of risks and typical vulnerabilities. Produces test scripts, materials and test packs and tests new and existing networks, systems, or applications. Provides advice on penetration testing to support others. Records and analyses action and results and modifies tests if necessary. Provides reports on progress, anomalies, risks, and issues associated with the overall project.

Senior Cyber Security Operations Analyst

  • Information Security - Obtains and acts on vulnerability information and business impact analysis and accreditation on complex information systems. Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Investigates major breaches of security and recommends appropriate control improvements. Contributes to development of information security policy, standards, and guidelines.

  • Vulnerability Research - Plans and leads the organization's approach to vulnerability research. Identifies new and emerging threats and vulnerabilities. Maintains a strong external network. Takes a leading part in external-facing professional activities to facilitate information gathering and set the scope of research work. Engages with, and influences, relevant stakeholders to communicate results of research and the required response. Develops organizational policies and guidelines for monitoring emerging threats and vulnerabilities.

  • Vulnerability Assessments - Plans and manages vulnerability assessment activities within the organization. Evaluates, selects, and reviews vulnerability assessment tools and techniques. Provides expert advice and guidance to support the adoption of agreed approaches. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.

  • Incident Response - Investigates suspected attacks and manages security incidents. Uses forensics where appropriate. Prioritizes and diagnoses incidents according to agreed procedures. Investigates causes of incidents and seeks resolution. Escalates unresolved incidents. Facilitates recovery, following resolution of incidents. Documents and closes resolved incidents according to agreed procedures.

  • Secure Configuration Management - Facilitates input from stakeholders, provides constructive challenge and enables effective prioritization of security frameworks and benchmark requirements to manage and audit configurations against. Establishes requirements baselines, obtains formal agreement to requirements, and ensures traceability to source.

  • Applications Support - Maintains application support processes and checks that all requests for support are dealt with according to agreed procedures. Uses application management software and tools to investigate issues, collect performance statistics and create reports.

  • Critical Infrastructure Compliance - Determines need for, drafts and maintains the standards and procedures for compliance with relevant legislation. Makes business decisions based on that information, including the need to make changes to systems. Reviews proposals for new digital initiatives and provides analyst advice on information management, including advice on and promotion of collaborative working and assessment and management of information-related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares, reviews, and submits periodic compliance reports to the relevant regulatory authorities.

  • Penetration Testing - Plans and drives penetration testing within a defined area of business activity. Delivers objective insights into the existence of vulnerabilities, the effectiveness of defenses and mitigating controls. Takes responsibility for the integrity of testing activities and coordinates the execution of these activities. Provides authoritative advice and guidance on all aspects of penetration testing. Identifies needs and implements new approaches for penetration testing. Contributes to security testing standards.

Education / Experience / Certifications:

Cyber Security Operations Analyst

- Education: Bachelor’s degree in cyber security, computer science, or related field, or equivalent experience.
- Experience: Typically, five or more years in cyber security, information assurance, or related IT roles.
- Preferred Certifications: GSEC, CCNA Security, GCFE
- Valid Driver’s license

Senior Cyber Security Operations Analyst

- Education: Bachelor’s degree in cyber security, computer science, or related field, or equivalent experience.
- Experience: Typically, eight or more years in cyber security, information assurance, or related IT roles.
- Preferred Certifications: GCFA, GPPA, GCIA, GCIH, GCED, GMON, GRID, CASP, CISSP, CCNP Security
- Valid Driver’s license

Competencies

Cyber Security Operations Analyst (Intermediate) / Senior Cyber Security Operations Analyst (Advanced)

Functional Competencies (Intermediate/Advanced):
- Principles, methods, and tools for vulnerability assessment and mitigation.
- Security best practices including personnel, facility, and information protection.
- Forensic investigative techniques.
- Surveillance and counter-surveillance policies and technologies.
- Network and LAN interface management.
- Regulations related to Critical Infrastructure Protection (CIP).

General Competencies (Intermediate/Advanced):
- Customer focus
- Accuracy and attention to detail
- Oral and written communication
- Interpersonal and collaboration skills
- Decision-making and prioritization
- Organization and time management

Physical Capabilities

- Driving/travel/commute: Daily within service territory – Occasionally
- Driving/travel/commute: Overnight inside/outside the service territory – Occasionally
- Computer use: Use computer regularly for entire work shift
- Lifting/pushing/pulling: Up to 10 lbs
- Carrying: Up to 10 lbs
- Work environments: Office

Schedule / Attendance

- Adhere to pre-established schedules including start/stop and breaks
- Ability to work long hours
- Variable schedule availability
- On-call availability
- Reliable and predictable full-time attendance
- Ability to report during severe weather events
- Ability to work shift schedules

Cognitive Demands

Cognitive Level: Substantial – Regular use of logic or scientific thinking to define problems, analyze, and draw conclusions.
Cognitive Abilities:
- Respond to deadlines and time-sensitive tasks
- Follow accuracy standards
- Consistent follow-through on decisions
- Effective team interaction
- Problem-solving under stress
- Adaptability to frequent change
- Openness to feedback and self-awareness
- Ability to apply skills to similar new situations
- Collaboration across roles and teams
- Information retention and application

Additional Information

Work Location:
PGE supports hybrid flexible work arrangements, and this position will have a combination of in-the-office and offsite work. However, these arrangements may change due to business needs or changes in responsibility. Employees should live within 75 miles of their designated work location.

Relocation / Sponsorship:
PGE is not offering relocation or work sponsorship for this position.

Compensation Range:

$99,975.00 - $197,375.00

Actual total compensation, including a performance based incentive bonus, is commensurate with experience, skills, qualifications, education, training, and internal equity. While we anticipate the selected candidate for this position will fall towards the middle or entry point of the compensation range, the decision will be made on a case-by-case basis.

PGE believes in rewarding dedicated performance. We provide a total rewards package that is designed to reward your contributions to the company, and, at the same time, support your well-being and professional development, both now and into the future.

Join us today and power your potential!

Assisting with storms or other Company emergencies is a part of all positions at Portland General Electric.

PGE is committed to diversity and inclusion in the workplace and is an equal opportunity employer. PGE will not discriminate against any employee or applicant for employment based on race, color, national origin, gender, gender identity, sexual orientation, age, religion, disability, protected veteran status, or other characteristics protected by law.

PGE does not discriminate on the basis of disability. We recognize individuals have a variety of abilities to offer and we believe there is much to value and celebrate by incorporating different abilities into the work we do. One very important way we live this out is in our application and interview process. We work hard to support individuals who may need an accommodation to fully participate in these processes. If you feel you may need an accommodation, or would like to request one, please notify the Talent Acquisition Specialist (Recruiter) associated with the job posting. You may also make this request by contacting talentacquisition@pgn.com or by calling 503-464-7250. The Recruiter will provide information and next steps for the accommodation process.  Our Diversity, Equity & Inclusion (DEI) team is also available for support.  You can contact them at dei@pgn.com.

To be considered for this position, please complete the following employment application by the posting close date.  Posting closes at midnight (Pacific Time) on the closing date below. If no date is listed, job is open until filled.


Tags: CASP+ CCNP CISSP Compliance Computer Science Driver’s license Forensics GCED GCFA GCFE GCIA GCIH GSEC Incident response Monitoring Pentesting Risk assessment Surveillance Vulnerabilities Vulnerability management

Perks/benefits: Career development Equity / stock options Flex hours Relocation support Salary bonus Startup environment Team events

Region: North America
Country: United States
