Tri-State Generation and Transmission Association, Inc. IT Network Security Specialist I, II, III or Senior (IRC25146) in Westminster, Colorado

Responsible for Information Technology (IT) Operations Network day-to-day security activities including developing, administrating, and enforcing logical and manual network security controls and procedures. Responsible for protecting company hardware, software, networks and data in a UNIX, Linux, Windows, Firewall, Networking and Internet distributed system environment and working with Cyber Security Network (CSN) team lead to meet the IT security and network demands. Responsible for evaluating, developing, implementing, and maintaining compliance functions for assets in a highly secured network and providing appropriate documentation for compliance. Responsible for evaluating, selecting, testing, implementing and enforcing manual and automated security controls that promote and safeguard Tri-State data and systems.

NOTE: There is one position available and this position will be filled at either the IT Network Security Specialist I (NB17), IT Network Security Specialist II (NB19), IT Network Security Specialist III (NB21) or IT Senior Network Security Specialist(NB23). This decision will be based on the qualifications and experience of the selected candidate and Tri-State business needs at the time of hire.


  • Plan network security systems through evaluation of network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; and adhering to industry standards.
  • Maintain and enforce IT Operations and Network (OpsNet) strategy and standards, as developed by IT Management and the IT Architecture functions.
  • Document procedures, guidelines, and baselines for network security technologies.
  • Develop, administer, monitor, track and report performance data correlated to compliance and security.
  • Assist with the development of architectural strategy, including technology standardization and modernization of enterprise, data center and network security infrastructure.
  • Participate in evaluating, maintaining, and testing the IT disaster recovery plan for network security functions.
  • Research technologies to enhance and evolve the network and security infrastructure.
  • Analyze existing network security structure in order to define, design and achieve simplified, modern, application-focused network security architectures.
  • Take a leadership role on network security infrastructure projects to design and architect large-scale networks.
  • Ensure that architecture principles and technology standards are consistently applied and updated as appropriate.
  • Maintain ongoing communications with all network security stakeholders.
  • Evaluate, select, test, implement and enforce manual and automated security and network controls that promote and safeguard Tri-State data and systems.
  • Assist in the development, implementation, testing and maintenance of the incident response, disaster recovery and business continuity plans.
  • Adhere to and demonstrate compliance with appropriate electric utility industry regulatory requirements. Attain knowledge and remain knowledgeable of development in regulations, laws, standards and best practices applicable to the functional area including, but not limited to, Standards of Conduct, Environmental, Employment Law, NERC Reliability Standards and Safety. Must be familiar with, and comply with, all aspects of Corporate Policy C-54, Compliance.
  • Demonstrate behavior consistent with Tri-State's culture embodied in the Cooperative principles and spirit and core values of technical competency, respect and dignity, accountability, integrity, trustworthiness, and servant leadership to empower or otherwise enable others to optimally perform their job responsibilities. Demonstrate and promote ethics and behaviors consistent with Tri-State's culture, Board policies, and business practices. Understand and fulfill the role and responsibility for all compliance programs within the company.
  • Because Tri-State is an electric utility with continuous service obligations to its customers, regular, reliable, and predictable performance of the essential functions and responsibilities is an essential function of the job.
  • Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job.


  • Perform other related duties as assigned


  • Planning: ability to think ahead and plan within timelines and resources; develop scopes, plan and schedule work; work with team members to do the schedule as well; set priorities and goals; anticipate and adjust for problems; evaluate workloads; measure and evaluate performance against established goals.
  • Time management: ability to successfully plan and implement objectives within established timelines and work schedules.
  • Ability to analyze problems and develop effective solutions at both strategic and functional levels.
  • Demonstrate behavior consistent with company values.
  • Excellent communications skills, especially technical report writing.
  • Strong team player: accomplishes tasks by working with others and being a good team player. Recognizes how his/her decisions may impact others; seeks input from others.
  • Computer proficiency in operating a personal computer and standard business office applications including Microsoft Office suite, SharePoint, and other related applications.
  • Ability to work independently, with minimal direction as a highly motivated self-starter.


Education and Training

  • Bachelor's Degree in business, computer science or information systems or other related area.

Knowledge, Skills, and Ability:

  • Proven skills with TCP/IP, LAN and WAN networking
  • Knowledge of designing and implementing core application services including Network Time Protocol (NTP), Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).
  • Extensive network protocol knowledge including the use of first hop routing protocols, BGP, OSPF, EIGRP, and VXLAN.
  • Strong packet analysis knowledge.
  • Expertise in analyzing, diagnosing and resolving problems in support of router/switches, firewalls, and wireless
  • Proven success in implementing network security monitoring and instrumentation.
  • Ability to work independently or within a team environment.
  • Project management skills required to provide leadership in planning and organizing hardware and software changes.
  • Strong skills in written and verbal communications, relating technical aspects to management and end users.
  • Strong skills in reading and evaluating technical information. Skills in managing, planning and organizing personal work efforts
  • Skills and experience in firewall administration, network intrusion detection system (IDS) administration, Active Directory and Group Policy Objects, Anti-virus administration consoles, Data Loss Prevention (DLP) systems, Microsoft Windows operating systems, Linux operating systems and advanced cyber security toolkits, malware analysis, penetration testing, and digital forensics tools.
  • Ability to react calmly, quickly, and rationally during crisis situation.
  • Knowledge of North American Electric Reliability Corporation (NERC), Federal Energy Regulatory Commission (FERC), and Critical Infrastructure Protection (CIP).
  • Familiarity with current enterprise network defense capabilities and global cyber threats.
  • Knowledge of security techniques and information systems controls to secure an enterprise infrastructure.


  • Eight (8) years of progressive related experience in networking and security.
  • Experience with Wireless network design and site surveys.
  • Experience with Public Key Infrastructure (PKI) and deployment with Hardware Security Modules (HSM).
  • Experience with WAN optimization technologies within Enterprise and Datacenter networks.
  • Experience with network access control solutions and 802.1 x authentications.


  • Must be able to demonstrate that he/she can perform all of the essential functions of the position.
  • Willingness to travel up to 20% of the time on an annual basis. (Possession of a current valid driver's license or ability to obtain).
  • Must be able to physically deploy switches, wireless access points, firewalls, and other networking devices.


  • Certification as information systems auditor (CISA), information systems security professional (CISSP) or other certifications a plus.
  • CCIE, CCNP, CISSP and GIAC certifications highly desirable.

The above requirements describe the experience and education qualifications for the IT Network Security Specialist. Those with less experience will be hired at the Level I, II or III.

PHYSICAL AND MENTAL DEMANDS: The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of the position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Physical demands: While performing the duties of this position, the incumbent is primarily required to sit, stand, walk, stoop, bend and frequently utilize a keyboard/computer. Specific vision abilities include close vision, peripheral vision, depth perception and the ability to adjust focus.

Mental demands: While performing the duties of this position, the incumbent will be required to problem solve, read, write and analyze data, work under schedules and deadline pressure, present information to others, work independently and use discretion and judgment for confidential or sensitive projects/issues.

Work Environment: While performing the duties of this position, the employee is exposed to an office environment indoors, and will occasionally travel outdoors to multiple locations dependent on work.

Job Title: IT Network Security Specialist I, II, III or Senior (IRC25146)

Location: Westminster, CO, US

Base Location: Headquarters-Westminster, Colorado

Currency: USD

Amount of Travel: Up to 20%

Equal Opportunity Employer – Minority/Female/Disabled/Veteran