Portland General Electric Senior Cyber Security Control Systems Analyst – OT Cybersecurity in Tualatin, Oregon
This is an exciting time to join Portland General Electric. As Oregon’s largest electric utility, Portland General Electric is leading an energy transformation that will harness the power of clean and renewable resources. Our vision for a clean energy future relies on three interrelated and overarching strategies: de-carbonize through investing in clean and reliable energy; modernize through a smarter more resilient grid; and empower our customers in their energy technology choices.
We’re searching for innovative, customer and results-obsessed leaders to help power our mission and lead the way in championing the world’s clean energy future!
Senior Cyber Security Control Systems Analyst – OT Cybersecurity
In this role, you will have the unique opportunity to join our Operational Technology (OT) Cybersecurity team! OT Cybersecurity is a department of dedicated Compliance Analysts and Cybersecurity Specialists that support Cybersecurity and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance programs for PGE’s operational assets.
Our team is responsible for subject matter expertise in Cybersecurity practices related to Operational Technology and for developing and overseeing the implementation of a roadmap to reduce the risk of Cybersecurity events impacting PGE’s operational systems. OT Cybersecurity also oversees the development and operation of the T&D and Generation NERC CIP compliance programs, interfacing with a wide range of teams who perform planning, design, and hands-on work to ensure the reliable operation of the Bulk Electric System.
In this role you will perform risk analyses, develop best practices, and drive the implementation of Cybersecurity controls in the Telecommunications, Generation, and T&D operational units.
Senior Cyber Security Control Systems Analyst
Job Function: Cyber Security
Control Systems Design, develop and maintain the physical infrastructure and network components. Implement standards and guidelines. Perform reliability testing and plan emergency or disaster procedures. Install and set up equipment, troubleshoot and resolve errors, perform preventative maintenance and plan down-time procedures. Execute security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
Key Job Information
Requires specialized depth and/or breadth of expertise Interprets internal or external business issues and recommends best practices Solves complex problems; takes a broad perspective to identify innovative solutions Works independently, with guidance in only the most complex situations May lead functional teams or projects
Planning and Support: Creates and maintains overall network plans to support the company’s business strategy and plans all aspects of the infrastructure necessary to ensure provision of network services. Drafts and maintains procedures and documentation for network support. Leads others in or personally uses network management software and tools to investigate and diagnose and resolve complex network problems. Provides technical expertise to enable the correct application of operational procedures. Evaluates potential systems and process vulnerabilities to determine security infrastructure requirements. Manages network intrusion detection and prevention systems.
Installation and Maintenance: Advises and assists staff in carrying out security development, implementation, operations and maintenance requirements when staff members install or update software, networks and applications. Recommend and implement changes to enhance systems security and prevent unauthorized access.
Incident Response: Investigates major security breaches and recommends control improvements. Ensures that incidents are handled according to established procedures. Investigates incidents escalated to responsible service owners and seeks resolution. Facilitates recovery following resolution of incidents. Ensures resolved incidents are properly documented and closed. Analyzes incidents and determines actions to minimize probability of recurrence. Analyzes metrics and reports on performance of incident management process.
Security Controls Administration: Establish plans and protocols to protect systems against unauthorized access. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements. Identifies alternative solutions and feasibility and recommends new approaches. Guides staff in the design and implementation of monitoring processes and control procedures. Evaluates the financial, cultural, technological, organizational and environmental factors which must be addressed in the change program. Establishes client requirements for the implementation of significant changes. Establishes and manages analytical methods and techniques, such as predictive analytics, enterprise decision support, retail analytics and web analytics. Plans and implements the dissemination of methods and techniques.
Availability Management: Recommends or develops policies, strategies, plans and processes for the design, monitoring, measurement, maintenance, reporting and continuous improvement of service and component availability, including the development and implementation of new availability techniques and methods.
Requires a bachelor’s degree in cyber security, computer science, or other information technology related field or equivalent experience.
Typically, eight or more years in information systems, computer programing, cyber security, network administration or a related field.
Competencies (Knowledge, Skills, Abilities)
Advanced knowledge of SCADA Advanced knowledge of Telecommunications Industry Association (Serial Communications, Ethernet), Cybersecurity National Institute of Standards and Technology, International Electro Technical Commission, Institute of Electrical Electronics Engineers and applicable regulatory requirements.
Advanced knowledge of substation automation block diagrams.
Advanced knowledge of Energy Management System (EMS).
Advanced knowledge of network/LAN interfaces.
Advanced knowledge of forensic investigative techniques.
Advanced knowledge of IT risk management principles, practices and techniques
Join us today and power your potential!
To be considered for this position, please complete the following employment application by the posting close date. A cover letter may be needed with your application to be considered for this position.
PGE believes in rewarding strong performance. We provide a total compensation package that is designed to reward your contributions to the company, and, at the same time, support your well-being and professional development, both now and into the future.
PGE is committed to diversity and inclusion in the workplace and is an equal opportunity employer. PGE will not discriminate against any employee or applicant for employment based on race, color, national origin, gender, gender identity, sexual orientation, age, religion, disability, protected veteran status, or other characteristics protected by law.
Assisting with storms or other Company emergencies is a part of all positions at Portland General Electric.
Talent Acquisition Contact:
This job posting will close at 12:01 am Pacific Time on the closing date listed below:
At Portland General Electric, we’re innovators, builders, and achievers. We’re committed to powering our customers’ potential and making a difference for our community and the planet. Today, that commitment includes developing an intelligent and resilient electric grid, electrifying transportation and de-carbonizing the energy sector.
We’re proud to deliver an exceptional experience to help our customers thrive. Our mission is to make clean, reliable and affordable energy services available to all. We obsess over serving customers and are committed to growing employee career paths with purpose. Equity and inclusion are core business values; we celebrate our differences and are committed to developing teams that reflect the communities we serve.