Get Into Energy Jobs

Job Information

Pacificorp Security Engineer 2 / 3 (Salt Lake City, Portland, or Casper, WY) - 105591 in OGDEN, Utah

Security Engineer 2 / 3 (Salt Lake City, Portland, or Casper, WY) - 105591

Date: Jul 21, 2021

Location: OGDEN, UT, US, 84401

Company: PacifiCorp


PacifiCorp is seeking customer-centric candidates to grow and sustain our commitment to a culture of customer service excellence, environmental sustainability and diversity, equity and inclusion

General Purpose

This position will be the primary security role for patching, configuration, and other security-related activities in an Operational Technology environment.

Manage and maintain security systems (logging, anti-malware, user management, vulnerability scanning, backup, etc) and security technology in corporate and industrial control systems environments. Conduct analysis, create system specifications, develop, test and implement new monitoring and control systems. Parse, archive, and analyze incoming data from across the enterprise for the creation of alarms and digests to the security analyst team. Support Supervisory Control And Data Acquisition systems (SCADA) and Distributed Control Systems (DCS) at electrical generation facilities. With minimal guidance and oversight research and deploy new commercial/OSS tools and projects to meet security requirements, and develop in-house solutions using OSS and custom code. Provide technical assistance/consulting to enable the company to meet security goals and requirements.

Responsibilities

  • Perform hardware installations, upgrades, operating systems and application software installations and upgrades, backup and recovery administration, maintaining users and peripheral equipment, troubleshooting system and application issues. (20-40%)

  • Ensure operational adherence to the Center for Information Security Critical Security Controls, Information Security Management Systems and ISO 27001 certification programs for the enterprise. (15-30%)

  • Maintain the Security Information Event Management (SIEM), Intrusion Detection Systems (IDS), Vulnerability Scanner, ELK research stack, syslog collectors, and other Information Security assets as needed. (10-40%)

  • As needed, perform SCADA communication configuration and data preparation prior to placing an electrical facility under SCADA service. Work closely with field technicians, business system analysts, and engineering staff in this process. (10-30%)

  • Perform vulnerability scans against internal and external targets, both scheduled and ad-hoc in response to internal or external concerns. Use additional data (system logs, network context, etc) to analyze and prioritize identified risks in concert with asset owners. (10-20%)

  • Perform log management for the enterprise, maintaining evidence, where required to support compliance obligations. Includes working with various system owners across the enterprise to assist in bringing logs into the system and developing parsers for new log streams (10-15%)

  • Ensure adherence to various regulatory and policy requirements, including the Critical infrastructure Protection Standards (CIPS) (5-15%)

  • Create and tune automated log analysis and alerting to meet internal system/network changes and ongoing developments in the overall security landscape. (5-15%)

  • Stay abreast of current security trends, and identify new technology that could provide value to the organization. Research/evaluate, acquire/develop, and deploy new Information Security systems, either as standalone systems or as part of larger corporate projects. (5-15%)

  • Provide timely and accurate cross-platform support in response to security threats that may arise that poses a risk systems across the company’s computing enterprise, including forensic investigations. (5%)

  • May act as a lead within a work group; train and mentor level 1&2 security engineers. (0-5%)

  • Perform additional responsibilities as requested or assigned (0-5%)

In addition to the above, level 3 will include the following responsibilities:

  • May act as a lead within a work group; train and mentor level 1&2 security engineers. (0-5%)

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, or related field; or equivalent work experience. (Typically four years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a Bachelor’s degree. A minimum of two years additional directly related technical experience is required.)

  • A minimum of five or more years of experience in Security Information Management and Intrusion Detection systems with associated incident response experience.

  • A minimum of three years of experience working with Industrial Control Systems (ICS) or a manufacturing environment.

  • Demonstrated knowledge of security principles through achievement and/or active pursuit of advanced security certification including CISM or CISSP.

  • Excellent system administration skills on Windows and Linux systems.

  • Exposure to programming languages such as PERL as well as open source security tools such as SNARE, SNORT, etc.

  • Ability to construct and execute complex database queries using SQL.

  • Advanced technical knowledge of complex database, network software, and disaster recovery practices.

  • Demonstrated knowledge of information technology terms, equipment, systems, functions, and major vendors.

  • Excellent oral and written communication skills, including presentation skills.

  • Effective interpersonal skills and customer relationship skills.

  • Effective analytical, problem-solving and decision-making skills.

  • Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.

  • Availability as a resource for problem resolution on a rotating 24-hour basis.

In addition to the above, level 3 will include the following requirements:

  • A minimum of five or more years of experience in Security Information Management and Intrusion Detection systems with associated incident response experience.

  • A minimum of three years of experience working with Industrial Control Systems (ICS) or a manufacturing environment.

  • Excellent system administration skills on Windows and Linux systems.

  • Advanced technical knowledge of complex database, network software, and disaster recovery practices.

  • Project management skills; ability to prioritize and handle multiple tasks and projects concurrently.

Preferences

  • Knowledge of Energy Management Systems.

  • Experience with integration and administration of physical security technology.

  • Experience with GE iFix, GE Mark VIe, Schneider Modicon, Siemens DCS, Emerson Ovation.

Additional Information

Req Id: 105591

Company Code: PacifiCorp

Primary Location:Salt Lake City, Portland, or Casper, WY

Department: PacifiCorp Corporate

Schedule: FT

Personnel Subarea: Exempt

Hiring Range: 81,800-110,500

This position is eligible for an annual discretionary performance incentive bonus of up to 12.00 -15.00% of salary.

Employees must be able to perform the essential functions of the position with or without an accommodation.

At PacifiCorp, we encourage everyone to work together. We embrace diversity and value the distinct perspectives of all our employees. We strive to cultivate a workplace that connects each employee to the organization and enables all individuals to participate and contribute to their full potential.

It is PacifiCorp's policy to provide and promote equal employment opportunity to all employees and applicants in accordance with local, state and federal laws and regulations governing personnel activities. In accordance with federal guidelines, PacifiCorp is committed to a program of affirmative action. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, veteran status, national origin, sexual orientation or gender identity.

All offers of employment are contingent upon the successful completion of a background check and drug screening.

DirectEmployers