OT Cyber Security Engineer

Overview

About LS Power:

Founded in 1990, LS Power is a premier development, investment, and operating company focused on the North American power and energy infrastructure sector, with leading platforms across generation, transmission and energy transition solutions. Since inception, LS Power has developed or acquired over 50,000 MW of power generation, including utility-scale solar, wind, hydro, battery energy storage, and natural gas-fired facilities. Through LS Power Grid, the Firm has built and operates approximately 780 miles of high-voltage transmission with another 350+ miles and multiple grid infrastructure projects currently under construction or development. Across its efforts, LS Power actively invests in and scales businesses that are accelerating the energy transition, including electric vehicle charging, demand response, microgrids, renewable fuels and waste-to-energy platforms. Over the years, LS Power has raised $65 billion in debt and equity capital to support North American infrastructure.

Our Purpose, Mission, & Values:

Our Purpose is to solve complex energy problems that improve the world

Our Mission is to make lives better by developing a cleaner and more reliable energy ecosystem

Our Values are the willingness to participate in and help strengthen our culture of integrity, Innovation, Teamwork, and Taking Ownership

Our People create value and are our Most Valuable asset.  We take our values of Integrity, Innovation, Teamwork and Taking Ownership seriously and ask candidates to think about how they can help us further enhance our culture with their specific skillsets, capabilities and experiences.

Benefits

We provide our team the opportunity to share their unique perspectives, solve new challenges, and continue in their career growth. We are committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits that include 100% employer paid premium healthcare, paid parental leave and more.

About the Role

LS Power is a power generation and transmission group with a proven track record of successful development activities, operations management and commercial execution. LS Power has been involved in the development, construction, or operations of over 41,000 MW of power generation and over 660 miles of high-voltage transmission lines throughout the United States. LS Power is actively developing both power generation and transmission infrastructure to serve the need for new generation and improve the aging transmission system. Highly regarded in the financial community, LS Power has raised over $45 billion in capital to support investments in energy infrastructure. 

This position will function as an OT Cyber Security Engineer working with Operations Technology (OT) and critical control center OT systems.  Functioning at an administrator level, you will be responsible for effective provisioning, installation/configuration, operation and maintenance of systems hardware and software and related infrastructure in the OT security stack.  The OT Cyber Security Engineer will ensure that system hardware, operating systems, applications, appliances and related procedures support the organizational mission of providing uncompromising security while maintaining the highest levels of reliable service.  In this role, you will serve as the technical resource for a suite of products used to maintain security and NERC CIP compliance.  You will leverage you skills to design, execute, and mature CIP program implementations across the OT landscape of networks and support systems. Specifically, the position will be responsible for implementation, maturity and maintenance of tools including configuration monitoring, logging, alerting, vulnerability assessment, asset inventory, and change management solutions. The role is also primarily responsible for ensuring security solutions are functioning as expected, and maintaining accurate documentation related to critical cyber assets.  You will operate in a cross-functional capacity working closely with engineers, operators, technicians, vendors and other OT team members. 

Responsibilities

What you will do:

• Mature and maintain security stack including but not limited to configuration monitoring, logging, alerting, vulnerability assessment, asset inventory and change management solutions
• Install new/rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with established standards and operational requirements
• Develop and maintain installation and configuration procedures and related documentation
• Contribute to and maintain baselines in a technically challenging OT environment
• Research and recommend innovative solutions and automation for repetitive tasks
• Perform daily system monitoring, verifying integrity and availability of hardware, server resources, systems and key processes
• Review system and application logs and verify completion of scheduled operations such as system backups 
• Perform regular security monitoring to identify any possible intrusions while evaluating patterns for attempted penetrations to classify potential threat vectors 
• Provide Level 2 and 3 support across the LSPG organization 
• Repair and recover from hardware or software failures
• Recommend, develop, maintain and update operational, configurational and/or other procedure types
• Create dashboards, reports, alerts, specifications, procedures, policies, and related work products
• Monitors Electronic Access Control and Monitoring (EACM) tools for security-related events 
• Researches, analyzes and troubleshoots compliance and security-related events 
• Maintain accurate baselines and other documentation according to NERC standard requirements 
• Assist technical staff with developing and maintaining RSAWs as required for CIP compliance
• Assist with all regulatory reporting for RTO/ISO, regional reliability entity, NERC and FERC
• Maintain knowledge of RTO/ISO protocols, operating guidelines and standards, updates to NERC reliability standards and other applicable regulatory rules as required 
• Support internal and external audits and mock audits as needed by producing evidence and responding to RFIs
• Periodically attend NERC, RTO/ISO and Regional Entity meetings and workshops to keep current with changes in NERC CIP standards and requirements

Qualifications

We want you on our team because you:

• Are self‑motivated, disciplined and possess effective skills necessary for the job as described.
• Have a Bachelor Degree with a technical major, such as computer science or engineering or equivalent work experience
• Have four to six years OT Cyber Security Engineer experience
• Have configuration monitoring, logging, alerting, vulnerability assessment, asset inventory and change management solutions experience
• Have expernce with python, PowerShell and/or other task automation skills
• Have experience supporting CIP compliance in the electric utility business
• Are experienced with implementation and maintenance of security and compliance solutions

Ideally you will have:

• Tripwire Enterprise, IP360, Bigfix, Splunk, ChangeGear, SharePoint or comparable solutions
• Experience with Energy Management Systems (EMS) and Supervisory Control and Data Acquisition (SCADA)
• Advanced IT certification from Microsoft (MCSA or MSCE)
• GIAC, ISC2, CompTIA or other related industry certifications 
• good communication, organization, critical thinking and a strong knowledge of modern software applications and document management strategies.  Knowledge and understanding of electric utility business principles, compliance programs and operations is a plus.