Tri-State Generation and Transmission Association, Inc. EMS Cyber Security Analsyt I, II, III or Senior (IRC26552) in Westminster, Colorado


Responsible for the cyber security of the operating environments used within the Energy Management System (EMS) at the Primary and Backup Control Centers. Ensures that cyber assets in the EMS environment are protected from unauthorized access. Actively monitors systems and networks for potential intrusions. Develops and documents security policies and procedures. Responsible for monitoring security events, conducting vulnerability assessments, reviewing and deploying patches and assuring compliance with North American Electric Reliability Corporation (NERC) cyber security requirements related to the EMS environment.

Note: Please note that there is only one position vacancy available. Applicants will be considered for an Analyst I, II, III or Senior based on overall job qualifications.

Salary Grade: Analyst I - NB18, II - NB20; III - NB22; Senior - NB23

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES(Responsibilities listed below are for a Senior Analyst position. Responsibilities for an Analyst I, III or III are similar but may vary in overall responsibility, accountability and scope.

  • Run Cyber Vulnerability Assessment (CVA) periodically and review and deploy security patches.
  • Monitor security events and maintain overall security posture of the EMS environment.
  • Prepare cyber security reports for the EMS manager.
  • Assure compliance with NERC Cyber Security requirements to include development and on-going administration of EMS cyber security policies and procedures.
  • Customize the security monitoring solutions based on requirements from users and vendor architectures to meet NERC/WECC (Western Electricity Coordinating Council) Critical Infrastructure Protection (CIP) regulations for control systems.
  • Establish benchmarks for cyber security testing in conjunction with EMS management and in accordance with EMS CIP procedures.
  • Provide technical assistance, resolve problems and client questions regarding all Tri-State supported and vendor-supplied network software and hardware used for support of the EMS network and associated applications.
  • Monitor, resolve and/or repair EMS network hardware and software problems; schedule vendor repairs for any problems that cannot be resolved in-house.
  • Perform research and investigate network operating environment developments to maintain the efficient functioning of EMS computer hardware and software.
  • Provide assistance in the preparation of the annual budget.
  • Adhere to and demonstrate compliance with appropriate electric utility industry regulatory requirements.
  • Attain knowledge and remain knowledgeable of development in regulations, laws, standards and best practices applicable to the functional area including, but not limited to, Standards of Conduct, Environmental, Employment Law, NERC Reliability Standards and Safety. Must be familiar with, and comply with, all aspects of Corporate Policy C-54, Compliance
  • Because Tri-State is an electric utility with continuous service obligations to its customers, regular, reliable, and predictable performance of the essential functions and responsibilities is an essential function of the job.
  • Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job.


  • Assist with the automation of system monitoring and compliance procedures.
  • Generate compliance reports routinely, related to the cyber security and event monitoring.
  • Work irregular hours, to include responsibility for the rotating department on-call duty requirement.
  • Perform other related duties as assigned.


  • Planning: Ability to think ahead and plan within timelines and resources; develop scopes, plan and schedule work; set priorities and goals; anticipate and adjust for problems; evaluate workloads; measure and evaluate performance against established goals.
  • Time management: the ability to successfully plan and implement objectives within established timelines and work schedules.
  • Ability to analyze problems and develop effective solutions at both strategic and functional levels.
  • Technical skills in the application of principles and practices of computer science and information systems including basic computer hardware, software applications, and operating systems.
  • Demonstrate behavior consistent with company values.
  • Excellent interpersonal and communication skills.
  • Strong team player.
  • Advanced knowledge of networking concepts and network security.


Education and Training

  • Bachelor of Science degree in Engineering, Computer Science, Business, or an equivalent combination of experience and/or education.
  • Training and/or equivalent experience in the cyber Security related areas of electric utility real time systems.
  • Hold one or more of the recognized cyber security certificates or equivalent experience.

Knowledge, Skills, and Ability:

  • Ability to apply and strong knowledge of, principles and practices of cyber security and computer science and networking concepts.
  • Ability to apply principles and practices of basic computer hardware, operating systems and software applications.
  • Ability to apply principles and practices of computer forensics, ethical hacking, reverse engineering and incident response.
  • Ability to apply principles of network security and encryption methods.
  • Ability to write code or scripts for automation
  • Ability to make clear, consistent, and timely decisions.
  • Ability to maintain clear and open communication with peers and customers.
  • Ability to maintain cooperation and collaboration.
  • Ability to work in partnership with other teams and functional areas.
  • Ability to deliver high quality and innovative service to internal/external customers.
  • Ability to communicate technical information to both technical and non-technical employees and others.
  • Knowledge of Antivirus and Malware protection systems.
  • Knowledge of Network Intrusion Detection Systems (NIDS).
  • Knowledge of process control and Supervisory Control and Data Acquisition Systems (SCADA).
  • Knowledge of operating systems security policies and logging mechanisms and local firewalls.
  • Knowledge of operating systems advanced security tools such as Security Enhanced Linux (SE Linux).
  • Knowledge of change management and configuration management principles.


  • Requirements for a Senior Analyst: Eight (8) or more years of Information Technology (IT) or Operation Technology (OT) experience.
  • Requirements for an Analyst III: Five (5) years of Information Technology (IT) or Operation Technology (OT) experience.
  • Requirements for an Analyst II: Two and one half (2 1/2) to five (5) years of Information Technology (IT) or Operation Technology (OT) experience.
  • Requirements for an Analyst I: Zero (0) to two and one half (2 1/2) years of Information Technology (IT) or Operation Technology (OT) experience.
  • Windows Server and Active Directory
  • LINUX Systems
  • Virtualization technologies (VMWare and Hyper-V)
  • Working knowledge of Tripwire
  • Experience with Splunk
  • Administration of Nessus and RSA
  • Administration of Ivanti
  • Security and networking tools such as Nagios, Cyberark or other related tools.


  • Willingness to travel as needed for meetings, conferences and training. (Must possess a valid driver's license.)
  • Must be able to demonstrate that he/she can perform all of the essential functions of the position.


  • None

Job Title: EMS Cyber Security Analsyt I, II, III or Senior (IRC26552)

Location: Westminster, CO, US

Base Location: HQ - Westminster, CO

Currency: USD

Amount of Travel: Up to 10%

Equal Opportunity Employer – Minority/Female/Disabled/Veteran