Get Into Energy Jobs

Job Information

Tri-State Generation and Transmission Association, Inc. Cyber Security Engineer I, II, III or Senior-Exempt (IRC34424) in Westminster, Colorado

Brief Posting Description

Support the Cyber Security Center by conducting monitoring of security tools, assessing threats, security events, and risks involving any of Tri-State's technology infrastructures. Follow standard operating procedures for detecting, classifying, and reporting incidents under the supervision of the CSC Manager in partnership with other Cyber Security Engineers. Drive security architecture discussions and tool selection. Evaluate and recommend security solutions to management, manage security functions, and resolve security issues.

Note: There is one position available and the position will be filled at one of four job grade levels: Cyber Security Engineer I, job grade NB17; Cyber Security Engineer II, job grade NB19; Cyber Security Engineer III, job grade NB21 or Senior Cyber Security Engineer, job grade NB23. This decision will be based on the qualifications and experience of the candidate selected, and Tri-State business needs at the time of hire.

Tri-State recognizes the value of a highly-engaged and committed workforce and provides an excellent benefits program that includes: Medical Insurance, Dental Insurance, Vision Insurance Health Savings Account (HSA), Flexible Spending Accounts (FSA), Tuition Reimbursement, Life Insurance, Retirement Security Pension Plan, 401K, Long Term Disability (LTD), Short Term Disability (STD), Employee Assistant Program (EAP) and Paid Leave Benefits.

Cyber Security Engineer I

Hiring Salary Range: $55,000-$69,000

Cyber Security Engineer II

Hiring Salary Range: $ 67,000-$84,000

Cyber Security Engineer III

Hiring Salary Range: $81,000-$102,000

Senior Cyber Security Engineer

Hiring Salary Range: $99,000-$123,000

Actual compensation offer to candidate may vary outside of the posted hiring salary range based upon work experience, education, and/or skill level.

Job Requirements


  • Identify gaps in security processes and recommend solutions in the areas of security tools, processes, and procedures.

  • Provide first responder forensics analysis and investigation.

  • Drive containment strategy during data loss or breach events.

  • Triage and resolve advanced vector attacks such as botnets and Advanced Persistent Threats (APTs)

  • Work directly with data asset owners and business response plan owners during high severity incidents.

  • Provide and implement tuning recommendations based on findings during investigations or threat information reviews.

  • Correlate system risk using cross-team collaboration with Incident Response.

  • Conduct network monitoring and intrusion detection analysis using Security Information and Event Management (SIEM) systems, various computer network defense (CND) tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), and other similar tools.

  • Provide tuning and maintenance support for security tools.

  • Correlate network activity across networks to identify trends of unauthorized use.

  • Compile detailed investigation and analysis reports for CSC consumption and delivery to management.

  • Research emerging threats and vulnerabilities to aid in the identification of network incidents.

  • Provide incident response support, including malware analysis, remote system analysis, end-user interviews, and mitigating actions to contain activity and facilitating forensics analysis when necessary.

  • Process tickets assigned to the CSC team.

  • Adhere to and demonstrate compliance with appropriate electric utility industry regulatory requirements. Attain knowledge and remain knowledgeable of development in regulations, laws, standards and best practices applicable to the functional area including, but not limited to, Standards of Conduct, Environmental, Employment Law, NERC Reliability Standards and Safety. Must be familiar with, and comply with, all aspects of Corporate Policy C-54, Compliance.

  • Demonstrate behavior consistent with Tri-State's culture embodied in the Cooperative principles and spirit and core values of technical competency, respect and dignity, accountability, integrity, trustworthiness, and servant leadership to empower or otherwise enable others to optimally perform their job responsibilities. Demonstrate and promote ethics and behaviors consistent with Tri-State's culture, Board policies, and business practices. Understand and fulfill the role and responsibility for all compliance programs within the company.

  • Because Tri-State is an electric utility with continuous service obligations to its customers, regular, reliable, and predictable performance of the essential functions and responsibilities is an essential function of the job.

  • Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job.


  • Perform other related duties as assigned


  • Proven analytical, problem-solving and investigation abilities.

  • Ability to effectively prioritize and execute tasks in high-pressure situations.

  • Ability to conduct research into IT/OT security issues and products as required.

  • Ability to present ideas in line-of-business-friendly and user-friendly language.

  • Highly self-motivated and directed.

  • Keen attention to detail.

  • Team-oriented and skilled in working within a collaborative environment.

  • Ability to analyze complex technical and business problems, meet objectives and deliverables.

  • Demonstrates high quality customer-service skills when dealing with internal and external customers, business partners and others.

  • Demonstrate behavior consistent with company values.

  • Track record of creative problem solving, and the desire to create and build new processes.

  • Time management and multitasking skills.

  • Experience working in fast paced environments and ability manage workload even during times of stress or escalated activity.

  • Willingness to take on impromptu tasks with loosely defined requirements.


Education and Training:

Bachelor's degree in computer science, information technology, business administration or other related area or equivalent combination of experience and education.

Knowledge, Skills, and Ability:

  • Strong understanding of Internet Protocol (IP), Transmission Control Protocol (TCP)/IP, and other network administration protocols.

  • Working technical knowledge of Microsoft server infrastructure and networking, Linux/Unix variant operating systems, and Cisco networking.

  • Familiarity with governance and controls frameworks, such as International Organization of Standardization (ISO), Control Objectives for Information and Related Technology (COBIT), National Institute of Standards and Technology (NIST), Committee of Sponsoring Organizations (COSO) and Information Technology Infrastructure Library ( ITIL).

  • Working knowledge of security architectures and devices.

  • Working knowledge of threat intelligence consumption and management.

  • Working knowledge of root causes of malware infections and proactive mitigation.

  • Working knowledge of lateral movement, footholds, and data exfiltration techniques.

  • Track record of creative problem solving, and the desire to create and build new processes.

  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option.

  • Excellent oral and written communications skills.

  • Ability to maintain effective working relationships.


  • Eight (8) years of IT cyber security related experience with at least one to three (1-3) years of security management, analysis and/or tuning support experience. Those with less experience will be hired at the Cyber Security Engineer I, II or III job grade level, as appropriate.

  • Experience with security architecture and operational support.

  • Experience in security technologies (firewall, antivirus, intrusion detection/prevention, security information event monitoring, vulnerability scanning, data loss prevention, encryption, PKI, Identify Access Management, Rights Management Services, etc.).

  • Experience in designing security/control processes, procedures and formal support documentation.

  • Experience in incident/forensic response planning and execution.

  • Experience with auditor coordination and control compliance.

  • Experience administering or utilizing security information and event management systems.

  • Experience with active threat hunting and adversary tracking.

  • Experience with one or more scripting languages (e.g., Python, JavaScript, Scapy).

  • Experience working in fast paced environments and ability manage workload even during times of stress or escalated activity.


  • Willingness to travel for investigations, meetings and training as needed. (Must possess a valid driver's license.)


  • One or more of the following certifications preferred:

  • Certified Information Systems Security Professional (CISSP)

  • Certified Intrusion Analyst (GCIA)

  • Certified Incident Handler (GCIH)

  • Reverse Engineering Malware Analyst (CREM)

  • Global Information Security Certification (GIAC )

  • Certified Ethical Hacker (CEH)

  • Certified Information Systems Auditor (CISA)

  • Project management experience.

  • Advanced Degree in a related discipline.

  • Experience in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS).

  • Experience in Sarbanes-Oxley (SOX) and North American Electric Reliability Corporation Critical. Infrastructure Protection (NERC CIP) compliance.

  • Experience in multiple technical and business disciplines.

  • Experience in designing and delivering security awareness training.

PHYSICAL AND MENTAL DEMANDS : The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of the position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Physical demands : While performing the duties of this position, the incumbent is primarily required to sit, stand, walk, stoop, bend and frequently utilize a keyboard/computer. Specific vision abilities include close vision, peripheral vision, depth perception and the ability to adjust focus.

  • Mental demands: While performing the duties of this position, the incumbent will be required to problem solve, read, write and analyze data, work under schedules and deadline pressure, present information to others, work independently and use discretion and judgment for confidential or sensitive projects/issues.

  • Work Environment: While performing the duties of this position, the employee is exposed to an office environment indoors, and will occasionally travel outdoors to multiple locations dependent on work.

Additional Details

All employees interested in this position may apply online at the Tri-State Intranet site.

Click on Job Postings, then click on the iRecruitment link, Log In, then click on the iRecruitment Employee Candidate link and then click on Search for jobs.

Company Description

Tri-State Generation and Transmission Association is a wholesale electric power supplier owned by the 42 electric cooperatives that it serves. Tri-State generates and transmits electricity to its member systems throughout a 200,000 square-mile service territory across Colorado, Nebraska, New Mexico and Wyoming.

Serving approximately 1.5 million consumers, Tri-State was founded in 1952 by its member systems to provide a reliable, cost-based supply of electricity. Headquartered in Westminster, Colo., about 1,480 people are employed by Tri-State throughout its four-state service area.

Tri-State's power is generated through a combination of owned baseload and peaking power plants that use coal and natural gas as their primary fuels, supplemented by purchased power, federal hydroelectricity allocations and renewable resource technologies. Tri-State delivers power to its members through a transmission system that includes substation facilities, telecommunications sites and over 5000 miles of high voltage transmission lines.

Interested? Here is how to Apply:

Go to and click on the 'Careers' Link. Search for Job and click 'Apply Now' Icon. You will be required to register in order to apply.

Tri-State: Join the people behind the power. Tri-State recognizes the value of a highly-engaged and committed workforce and provides an excellent benefits program that includes medical, dental, retirement and life insurance. Please visit our careers site at for more details.

Equal Opportunity Employer - Minority/Female/Disabled/Veteran