Eng, Cybersecurity

Company Overview

At Spire, we believe energy exists to help people. To enrich their lives, grow their businesses, advance their communities. It’s a simple idea, but one that’s at the heart of our business. We’re dedicated to understanding our customers’ needs and goals to better serve them today and tomorrow. That’s why we’re always looking for driven, collaborative people to join our team. Because we believe that offering our customers the best service means bringing together the best people.
And we find the best by hiring those who share our values of safety, inclusion and integrity, and demonstrate our four essential behaviors that bring the Spire culture to life: 
•    We make it happen:  We are a company of go-getters, acting on every opportunity to help our company advance. 
•    We seek out perspective:  We challenge ourselves to be open to different ways of doing things, because learning from each other leads to breakthroughs.
•    We collaborate:  We put teamwork first, bringing in everyone’s ideas, because our collective energy makes us stronger.
•    We care:  We treat people how we want to be treated, listening closely and doing what’s right, even when it’s hard
By living our values and behaviors every day, we strive to create an environment where every employee feels welcome, respected, and valued.
 

Summary

Spire is seeking a ​Cybersecurity Engineer.  Here is what a successful candidate will possess:  

​​Responsible for protecting the confidentiality and integrity of customer, employee and business information in compliance with organization policies and standards  

​Participates directly in the planning, development, implementation and expansion of security technologies throughout the company 

​Assist to effectively drive IT security actions with the team across the organization 

​Perform cyber security threat impact assessments and prepare assessment reports 

​Analyze cyber security discovery information and determine requirements and remediation while coordinating with various vendors and business stakeholders​ 

Duties and Responsibilities

Participate in regular status meetings 

Perform assigned tasks on a reoccurring basis and provide metrics on the results 

Ensure events are properly documented for network security and cybersecurity stakeholders 

Works with Senior Engineers to provide analysis and documentation of IT risk processes 

Conducts pre-production testing and reviews of proposed security changes 

Oversees identification and reporting of potential impacts of problems 

Conducts testing and reviews of security changes to ensure compliance with IT Security controls 

Work with vendors to perform assessments, understand security functionality and implementation 

Stays current on common and emerging security standards and frameworks 

Vulnerability assessment, management, and active/passive scanning, CVSS, CVE, compliance 

Apply advance security knowledge working in the following areas: 

Familiarity with NIST vulnerability management framework and scanning tools 

Windows/Linux/Oracle OS Security Best Practices 

Vendor Assessments, InsightVM, SonarQube, Acunetix, Nessus Professional, Tenable.IO, Tenable.OT  

SCADA equipment and operations knowledge 

Monitoring, Incident Response, Threat Intelligence, Pen Testing, Vulnerability Assessments, Technology evaluation 

All other duties as assigned or requested 

Essential Characteristics and Competencies

Ability to learn and implement the core and job category competencies 

Ability to lead by example in support of the Company’s essential characteristics and values 

   Ability to work under pressure and meet deadlines 

Ability to develop interpersonal skills with proven ability to establish rapport with a diverse array of people 

Supervisory Responsibilities

n/a

Required Education (certifications, licenses)

A bachelor’s or associate’s degree in Information Technology, Computer Science, Engineering, and/or equivalent experience in Information Systems. 

Security+, CISSP, CCNA or equivalent certification/degree. 

Required knowledge, skill and abilities

Strong analytical capabilities; demonstrated knowledge and understanding of security technologies.  

Solid understanding of business organization and security best practices.  

Security (1 years): General understanding of Information Technology, such as TCP/IP fundamentals, Web protocols (HTTPS), modifying system parameters, understanding network security, risk and threat prevention 

Physical demands, environment and schedule

Hybrid work schedule-  Work is done remotely and in a shared office space

Posting Requirements

Spire accepts online applications through our career site at jobs.spireenergy.com

Posting requirements: The above posting description is intended to describe the general nature of the level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. To perform this job successfully, an individual must be able to perform each duty and responsibility satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 
Spire, Inc., and its subsidiaries are Affirmative Action and Equal Employment Opportunity employer. 

We are committed to providing equal employment opportunity in all areas, including but not necessarily limited to, recruitment, selection, training, education, compensation, benefits, promotion, job transfer, upgrading, separation and recall regardless of the individual’s race, color, sex, age, religion, national origin, genetics, sexual orientation, gender identity, disability, veteran status, and/or other protected categories under all Federal, State, and local laws. For more information, please view our Integrity and Inclusion pages of our career site.