
SANS ISC: InfoSec Jobs

Senior Cyber Security Control Systems Analyst – OT Cybersecurity
Company: Portland General Electric
Location: Portland, OR
Preferred GIAC Certifications: GICSP, GRID
Travel: 10%
Salary: Not provided
Contact Name: Toley Clague
Contact Email: Toley.Clague/at/
Expires: 2021-03-11

Job Description

Senior Cyber Security Control Systems Analyst – OT Cybersecurity

In this role, you will have the unique opportunity to join our Operational Technology (OT) Cybersecurity team! OT Cybersecurity is a department of dedicated Compliance Analysts and Cybersecurity Specialists that support Cybersecurity and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance programs for PGE’s operational assets.

Our team is responsible for subject matter expertise in Cybersecurity practices related to Operational Technology and for developing and overseeing the implementation of a roadmap to reduce the risk of Cybersecurity events impacting PGE’s operational systems. OT Cybersecurity also oversees the development and operation of the T&D and Generation NERC CIP compliance programs, interfacing with a wide range of teams who perform planning, design, and hands-on work to ensure the reliable operation of the Bulk Electric System.

In this role you will perform risk analyses, develop best practices, and drive the implementation of Cybersecurity controls in the Telecommunications, Generation, and T&D operational units.

Senior Cyber Security Control Systems Analyst

Job Function: Cyber Security

Control Systems: Design, develop and maintain the physical infrastructure and network components. Implement standards and guidelines. Perform reliability testing and plan emergency or disaster procedures. Install and set up equipment, troubleshoot and resolve errors, perform preventative maintenance and plan down-time procedures. Execute security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.

Key Job Information

* Requires specialized depth and/or breadth of expertise
* Interprets internal or external business issues and recommends best practices
* Solves complex problems; takes a broad perspective to identify innovative solutions
* Works independently, with guidance in only the most complex situations
* May lead functional teams or projects

Key Responsibilities

* Planning and Support: Creates and maintains overall network plans to support the company’s business strategy and plans all aspects of the infrastructure necessary to ensure provision of network services. Drafts and maintains procedures and documentation for network support. Leads others in using, or personally uses, network management software and tools to investigate, diagnose and resolve complex network problems. Provides technical expertise to enable the correct application of operational procedures. Evaluates potential systems and process vulnerabilities to determine security infrastructure requirements. Manages network intrusion detection and prevention systems.

* Installation and Maintenance: Advises and assists staff in carrying out security development, implementation, operations and maintenance requirements when staff members install or update software, networks and applications. Recommends and implements changes to enhance systems security and prevent unauthorized access.

* Incident Response: Investigates major security breaches and recommends control improvements. Ensures that incidents are handled according to established procedures. Investigates incidents escalated to responsible service owners and seeks resolution. Facilitates recovery following resolution of incidents. Ensures resolved incidents are properly documented and closed. Analyzes incidents and determines actions to minimize probability of recurrence. Analyzes metrics and reports on performance of incident management process.

* Security Controls Administration: Establishes plans and protocols to protect systems against unauthorized access. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements. Identifies alternative solutions and feasibility and recommends new approaches. Guides staff in the design and implementation of monitoring processes and control procedures. Evaluates the financial, cultural, technological, organizational and environmental factors which must be addressed in the change program. Establishes client requirements for the implementation of significant changes. Establishes and manages analytical methods and techniques, such as predictive analytics, enterprise decision support, retail analytics and web analytics. Plans and implements the dissemination of methods and techniques.

* Availability Management: Recommends or develops policies, strategies, plans and processes for the design, monitoring, measurement, maintenance, reporting and continuous improvement of service and component availability, including the development and implementation of new availability techniques and methods.


* Requires a bachelor’s degree in cyber security, computer science, or other information technology related field or equivalent experience.
* Typically, eight or more years in information systems, computer programming, cyber security, network administration or a related field.
* GICSP or GRID certifications preferred.

Competencies (Knowledge, Skills, Abilities)

* Advanced knowledge of SCADA.
* Advanced knowledge of Telecommunications Industry Association (Serial Communications, Ethernet), Cybersecurity National Institute of Standards and Technology, International Electrotechnical Commission, Institute of Electrical and Electronics Engineers and applicable regulatory requirements.
* Advanced knowledge of substation automation block diagrams.
* Advanced knowledge of Energy Management System (EMS).
* Advanced knowledge of network/LAN interfaces.
* Advanced knowledge of forensic investigative techniques.
* Advanced knowledge of IT risk management principles, practices and techniques.