Oglethorpe Power
Tucker, Georgia
POSITION SUMMARY: The Cybersecurity Analyst is responsible for safeguarding the Corporation's data, systems, and cybersecurity posture. This includes managing endpoint security solutions, protecting cloud environments (e.g., Microsoft 365 and Microsoft Azure), and overseeing key security tools and capabilities. The Analyst develops and maintains cybersecurity policies, architectures, and standards to ensure compliance with industry regulations and best practices. The role monitors emerging threats, responds to security incidents, and conducts investigations to mitigate vulnerabilities. Cybersecurity Analysts implement data classification frameworks, enforce secure handling of sensitive information, and manage encryption protocols. They deploy and optimize cybersecurity tools, manage threat intelligence platforms, and proactively address risks to ensure organizational resilience. This position requires strong analytical skills, technical expertise, and the ability to collaborate across teams to maintain a secure IT environment. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, SOX, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives. JOB DUTIES/ESSENTIAL FUNCTIONS Endpoint Security Management:Manage endpoint detection and response (EDR) solutions and ensure optimal configuration and operation across corporate systems. Monitor and respond to endpoint threats, implement remediation measures, and maintain system integrity. Cloud Security Management:Design, implement, and maintain cloud security solutions, focusing on platforms such as Microsoft 365 and Microsoft Azure. Ensure secure configurations, monitor cloud environments for potential threats, manage access controls, and safeguard cloud-based resources. Data Protection and Classification:Develop and implement data protection strategies, including encryption, secure storage, and access control measures. Establish and maintain data classification frameworks to ensure sensitive information is securely handled and complies with regulatory requirements. Threat Intelligence, Incident Response, and Investigation:Monitor emerging threats and maintain situational awareness through threat intelligence platforms. Respond to security incidents by investigating root causes, analyzing attack vectors, and documenting findings. Collaborate with teams on mitigation strategies to prevent recurrence and improve overall security posture. Cybersecurity Tools Management:Deploy, configure, and maintain cybersecurity tools and capabilities, such as intrusion detection systems (IDS), security information and event management (SIEM) systems, vulnerability management platforms, and other security solutions. Monitor tool efficacy and update configurations as needed. Policy, Architecture, and Standards Development:Establish, review, and update cybersecurity policies, architectures, and standards to align with industry best practices and regulations. Collaborate with stakeholders to ensure policies are actionable and effectively implemented across the organization. REQUIRED QUALIFICATIONS Education: A Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, Engineering, Information Systems, or a related field from an accredited college or university. Cybersecurity Analyst III Experience: Minimum of 4 years in managing cybersecurity tools, implementing secure cloud configurations, leading data protection strategies, and conducting security investigations. Equivalent Experience: Minimum of 8 years of relevant experience may also be considered. Responsibility: Independently manages endpoint and cloud security systems, leads data protection initiatives, investigates security incidents, and contributes to threat intelligence monitoring and policy development. Cybersecurity Analyst IV Experience: Minimum of 6 years in designing and managing cybersecurity systems, implementing secure cloud strategies, developing data protection measures, and proactively using threat intelligence. Equivalent Experience: Minimum of 10 years of relevant experience may also be considered. Responsibility: Leads projects for the implementation of advanced cybersecurity tools and solutions, focusing on cloud security for Microsoft Azure and Microsoft 365. Investigates complex incidents, analyzes threat intelligence, and develops detailed policies and standards. Provides technical expertise across the IT function. Cybersecurity Analyst V Experience: Minimum of 8 years in architecting and managing cybersecurity tools, implementing secure cloud strategies, overseeing enterprise-wide data protection measures, and leading incident response efforts. Equivalent Experience: Minimum of 12 years of relevant experience may also be considered. Responsibility: Oversees major projects involving cybersecurity architecture, cloud security tool implementation, and compliance strategies. Provides leadership in incident response, threat intelligence integration, and enterprise security policy development. Licenses, Certifications and/or Registrations: Relevant certificationsare a plus: Certified Information Systems Security Professional (CISSP) CompTIA Security+ Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Cybersecurity Architect Expert GIAC Certified Incident Handler (GCIH) GIAC Security Essentials Certification (GSEC) Certified Ethical Hacker (CEH) ITIL Foundation Specialized Skills (e.g., typing, computers, software, tools and equipment uses, etc.): Technical Expertise: Proficiencyin endpoint security solutions (e.g., EDR, antivirus, DLP). Strong knowledge of cloud security principles, especially forMicrosoft 365 and Microsoft Azure. Experience with cybersecurity tools such as SIEM platforms, vulnerability management systems, and IDS/IPS tools. Familiarity with data encryption, secure storage solutions, and access control mechanisms. Understanding ofthreat intelligence platforms and proactive risk management strategies. Security In-depth understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements (e.g., NERC CIP, SOX). Expertise inincident response processes and forensic investigation techniques. Knowledge of advanced security architectures, policies, and standards. Soft Skills: Excellent problem-solving/analyticalskills and attention to detail. Good oral and written communication and interpersonal skills. Excellent customer service focus and positive attitude. Ability to work independently and as part of a team.
POSITION SUMMARY: The Cybersecurity Analyst is responsible for safeguarding the Corporation's data, systems, and cybersecurity posture. This includes managing endpoint security solutions, protecting cloud environments (e.g., Microsoft 365 and Microsoft Azure), and overseeing key security tools and capabilities. The Analyst develops and maintains cybersecurity policies, architectures, and standards to ensure compliance with industry regulations and best practices. The role monitors emerging threats, responds to security incidents, and conducts investigations to mitigate vulnerabilities. Cybersecurity Analysts implement data classification frameworks, enforce secure handling of sensitive information, and manage encryption protocols. They deploy and optimize cybersecurity tools, manage threat intelligence platforms, and proactively address risks to ensure organizational resilience. This position requires strong analytical skills, technical expertise, and the ability to collaborate across teams to maintain a secure IT environment. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, SOX, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives. JOB DUTIES/ESSENTIAL FUNCTIONS Endpoint Security Management:Manage endpoint detection and response (EDR) solutions and ensure optimal configuration and operation across corporate systems. Monitor and respond to endpoint threats, implement remediation measures, and maintain system integrity. Cloud Security Management:Design, implement, and maintain cloud security solutions, focusing on platforms such as Microsoft 365 and Microsoft Azure. Ensure secure configurations, monitor cloud environments for potential threats, manage access controls, and safeguard cloud-based resources. Data Protection and Classification:Develop and implement data protection strategies, including encryption, secure storage, and access control measures. Establish and maintain data classification frameworks to ensure sensitive information is securely handled and complies with regulatory requirements. Threat Intelligence, Incident Response, and Investigation:Monitor emerging threats and maintain situational awareness through threat intelligence platforms. Respond to security incidents by investigating root causes, analyzing attack vectors, and documenting findings. Collaborate with teams on mitigation strategies to prevent recurrence and improve overall security posture. Cybersecurity Tools Management:Deploy, configure, and maintain cybersecurity tools and capabilities, such as intrusion detection systems (IDS), security information and event management (SIEM) systems, vulnerability management platforms, and other security solutions. Monitor tool efficacy and update configurations as needed. Policy, Architecture, and Standards Development:Establish, review, and update cybersecurity policies, architectures, and standards to align with industry best practices and regulations. Collaborate with stakeholders to ensure policies are actionable and effectively implemented across the organization. REQUIRED QUALIFICATIONS Education: A Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, Engineering, Information Systems, or a related field from an accredited college or university. Cybersecurity Analyst III Experience: Minimum of 4 years in managing cybersecurity tools, implementing secure cloud configurations, leading data protection strategies, and conducting security investigations. Equivalent Experience: Minimum of 8 years of relevant experience may also be considered. Responsibility: Independently manages endpoint and cloud security systems, leads data protection initiatives, investigates security incidents, and contributes to threat intelligence monitoring and policy development. Cybersecurity Analyst IV Experience: Minimum of 6 years in designing and managing cybersecurity systems, implementing secure cloud strategies, developing data protection measures, and proactively using threat intelligence. Equivalent Experience: Minimum of 10 years of relevant experience may also be considered. Responsibility: Leads projects for the implementation of advanced cybersecurity tools and solutions, focusing on cloud security for Microsoft Azure and Microsoft 365. Investigates complex incidents, analyzes threat intelligence, and develops detailed policies and standards. Provides technical expertise across the IT function. Cybersecurity Analyst V Experience: Minimum of 8 years in architecting and managing cybersecurity tools, implementing secure cloud strategies, overseeing enterprise-wide data protection measures, and leading incident response efforts. Equivalent Experience: Minimum of 12 years of relevant experience may also be considered. Responsibility: Oversees major projects involving cybersecurity architecture, cloud security tool implementation, and compliance strategies. Provides leadership in incident response, threat intelligence integration, and enterprise security policy development. Licenses, Certifications and/or Registrations: Relevant certificationsare a plus: Certified Information Systems Security Professional (CISSP) CompTIA Security+ Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Cybersecurity Architect Expert GIAC Certified Incident Handler (GCIH) GIAC Security Essentials Certification (GSEC) Certified Ethical Hacker (CEH) ITIL Foundation Specialized Skills (e.g., typing, computers, software, tools and equipment uses, etc.): Technical Expertise: Proficiencyin endpoint security solutions (e.g., EDR, antivirus, DLP). Strong knowledge of cloud security principles, especially forMicrosoft 365 and Microsoft Azure. Experience with cybersecurity tools such as SIEM platforms, vulnerability management systems, and IDS/IPS tools. Familiarity with data encryption, secure storage solutions, and access control mechanisms. Understanding ofthreat intelligence platforms and proactive risk management strategies. Security In-depth understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements (e.g., NERC CIP, SOX). Expertise inincident response processes and forensic investigation techniques. Knowledge of advanced security architectures, policies, and standards. Soft Skills: Excellent problem-solving/analyticalskills and attention to detail. Good oral and written communication and interpersonal skills. Excellent customer service focus and positive attitude. Ability to work independently and as part of a team.
Keenbee Talent Soluitions
Albuquerque, New Mexico
In this role, you will provide cybersecurity engineering support to classified networks, ensuring the confidentiality, integrity, and availability of systems aligned with U.S. Space Force priorities. You will assist in the design and implementation of security solutions to protect against evolving cyber threats. You will support cybersecurity program activities by providing recommendations in accordance with DAF, DoD, and IC standards. Responsibilities include conducting program reviews, tracking action items, and ensuring compliance with IT security policies. As a cybersecurity subject matter expert, you will ensure solutions are compatible with existing systems and properly coordinated through configuration management processes while supporting program leadership and government stakeholders. Key Responsibilities The Cybersecurity Information Systems Security Engineer, SME will: Provide strategic and technical guidance to project teams supporting mission-critical DoD initiatives Lead research, design, and development efforts to meet program requirements and specifications Oversee technical execution of major initiatives, ensuring alignment with performance, schedule, and budget objectives Monitor and evaluate design considerations, including cost, schedule, and technical impacts Identify and assess risks, providing actionable insights to mitigate impacts to program execution Ensure deliverables meet quality standards and align with operational and warfighting objectives Facilitate collaboration across cross-functional teams and stakeholders to achieve project goals Initiate, refine, and manage project requirements through full lifecycle completion Conduct studies, data analysis, and evaluations to support strategic decision-making Requirements Skills and Experience The Cybersecurity Information Systems Security Engineer, SME must have: Active TS/SCI 15+ years of relevant experience supporting DoD programs Experience in aerospace and/or industry strategy environments Deep knowledge of the Risk Management Framework (RMF) and NIST standards Expertise in cybersecurity policies, programs, and best practices Proven ability to manage projects end-to-end, including scope, resources, timelines, and risk Strong analytical and critical thinking skills, with a proactive approach to problem-solving Ability to work independently while effectively engaging with team members and senior leadership Strong communication skills, with the ability to clearly articulate complex concepts and strategies Recognized as a subject matter expert or leader within the field Education and Certifications Required: Masters degree (MA, MS, or ME) Equivalent work experience may be considered in lieu of education DoD 8170 IASAE Level III (IAM Level III with relevant experience may be considered as a substitute) Benefits Medical, dental, vision, disability, and life insurance Flexible Spending Accounts 401(k) PTO Paid Parental Leave Tuition reimbursement Paid federal holidays
In this role, you will provide cybersecurity engineering support to classified networks, ensuring the confidentiality, integrity, and availability of systems aligned with U.S. Space Force priorities. You will assist in the design and implementation of security solutions to protect against evolving cyber threats. You will support cybersecurity program activities by providing recommendations in accordance with DAF, DoD, and IC standards. Responsibilities include conducting program reviews, tracking action items, and ensuring compliance with IT security policies. As a cybersecurity subject matter expert, you will ensure solutions are compatible with existing systems and properly coordinated through configuration management processes while supporting program leadership and government stakeholders. Key Responsibilities The Cybersecurity Information Systems Security Engineer, SME will: Provide strategic and technical guidance to project teams supporting mission-critical DoD initiatives Lead research, design, and development efforts to meet program requirements and specifications Oversee technical execution of major initiatives, ensuring alignment with performance, schedule, and budget objectives Monitor and evaluate design considerations, including cost, schedule, and technical impacts Identify and assess risks, providing actionable insights to mitigate impacts to program execution Ensure deliverables meet quality standards and align with operational and warfighting objectives Facilitate collaboration across cross-functional teams and stakeholders to achieve project goals Initiate, refine, and manage project requirements through full lifecycle completion Conduct studies, data analysis, and evaluations to support strategic decision-making Requirements Skills and Experience The Cybersecurity Information Systems Security Engineer, SME must have: Active TS/SCI 15+ years of relevant experience supporting DoD programs Experience in aerospace and/or industry strategy environments Deep knowledge of the Risk Management Framework (RMF) and NIST standards Expertise in cybersecurity policies, programs, and best practices Proven ability to manage projects end-to-end, including scope, resources, timelines, and risk Strong analytical and critical thinking skills, with a proactive approach to problem-solving Ability to work independently while effectively engaging with team members and senior leadership Strong communication skills, with the ability to clearly articulate complex concepts and strategies Recognized as a subject matter expert or leader within the field Education and Certifications Required: Masters degree (MA, MS, or ME) Equivalent work experience may be considered in lieu of education DoD 8170 IASAE Level III (IAM Level III with relevant experience may be considered as a substitute) Benefits Medical, dental, vision, disability, and life insurance Flexible Spending Accounts 401(k) PTO Paid Parental Leave Tuition reimbursement Paid federal holidays
Oglethorpe Power
Tucker, Georgia
This Engineer role, part of GSOC's Security Operations department, is responsible for protecting the cyber assets that support GSOC and GTC's digital operations. The position focuses on conducting cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The Engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will bring a strong background in power engineering and substation design including protective relaying and control systems along with experience in cybersecurity and NERC CIP compliance. Performs duties related to ensuring that the systems and networks used for operations are managed securely and in compliance with NERC Critical Infrastructure Protection (CIP) standards. Supports and implements GSOC's physical and cyber security programs including projects related to the security of the digital operations infrastructure and NERC CIP Compliance. Identifies, designs, and implements innovative solutions and uses of security technologies that enable smooth business and operations activities. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives. Job Duties: Engineer I-III Develops and maintains components of GSOC's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes. Identifies, documents, and implements approved improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts. Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading efforts to ensure that the systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Engineer IV - V Develops and maintains components of GSOC's physical and cyber security programs. Serves as Lead Engineer or Architect of major Power Technology enterprise-level projects associated with initiatives with significant impact to GSOC operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes. Leads initiatives that identify improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Leads corporate efforts in identifying, studying, and implementing technologies to secure GSOC and GTC's digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies. Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts. Leads corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading strategic initiatives and projects that ensure systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Required Qualifications: Education: Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems/Technology, or a related field. Experience: Engineer I 0-24 months of experience in areas above in cyber security, information assurance, or related positions Engineer II Minimum of 2 years of experience in areas above in cyber security, information assurance, or related positions Engineer III Minimum of 4 years of experience in areas above in cyber security, information assurance, or related positions Engineer IV - V Minimum of 6+ years of experience in areas above in cyber security, information assurance, or related positions Additional Required Experience: Experience configuring, and analyzing local and wide area networks, intranets, extranets, and IP addressing Experience performing system hardening, patch management, and configuration management. Experience designing, programming, or analyzing computer architectures and operating systems. Experience in Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management desired Experience in providing 24x7 support for real-time data communications systems and troubleshooting system problems involving real-time data communications systems desired Experience with virtual environments, VMWare ESXi desired Experience with Physical Access Control Systems (PACS), Honeywell, Genetec desired Experience with ITIL-based Asset and Change Management systems desired Experience with Windows Server/Workstation administration, SQL Server administration, Linux administration desired Experience working in regulated environments such as NERC CIP or others is highly desired Equivalent Experience: Engineer I Associates degree in related field or a Bachelor's Degree in an unrelated field with 6+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 8+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer II Associates degree in related field or a Bachelor's Degree in an unrelated field with 8+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 10+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer III Associates degree in related field or a Bachelor's Degree in an unrelated field with 10+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 12+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer IV - V Associates degree in related field or a Bachelor's Degree in an unrelated field with 13+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 16+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Licenses, Certifications, and/or Registrations: Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus. Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening. Travel: Less than 10%. Unusual Hours: Occasional evening and weekend work may be required, to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed. On-site support for system installs, upgrades . click apply for full job details
This Engineer role, part of GSOC's Security Operations department, is responsible for protecting the cyber assets that support GSOC and GTC's digital operations. The position focuses on conducting cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The Engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will bring a strong background in power engineering and substation design including protective relaying and control systems along with experience in cybersecurity and NERC CIP compliance. Performs duties related to ensuring that the systems and networks used for operations are managed securely and in compliance with NERC Critical Infrastructure Protection (CIP) standards. Supports and implements GSOC's physical and cyber security programs including projects related to the security of the digital operations infrastructure and NERC CIP Compliance. Identifies, designs, and implements innovative solutions and uses of security technologies that enable smooth business and operations activities. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives. Job Duties: Engineer I-III Develops and maintains components of GSOC's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes. Identifies, documents, and implements approved improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts. Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading efforts to ensure that the systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Engineer IV - V Develops and maintains components of GSOC's physical and cyber security programs. Serves as Lead Engineer or Architect of major Power Technology enterprise-level projects associated with initiatives with significant impact to GSOC operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes. Leads initiatives that identify improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Leads corporate efforts in identifying, studying, and implementing technologies to secure GSOC and GTC's digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies. Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts. Leads corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading strategic initiatives and projects that ensure systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Required Qualifications: Education: Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems/Technology, or a related field. Experience: Engineer I 0-24 months of experience in areas above in cyber security, information assurance, or related positions Engineer II Minimum of 2 years of experience in areas above in cyber security, information assurance, or related positions Engineer III Minimum of 4 years of experience in areas above in cyber security, information assurance, or related positions Engineer IV - V Minimum of 6+ years of experience in areas above in cyber security, information assurance, or related positions Additional Required Experience: Experience configuring, and analyzing local and wide area networks, intranets, extranets, and IP addressing Experience performing system hardening, patch management, and configuration management. Experience designing, programming, or analyzing computer architectures and operating systems. Experience in Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management desired Experience in providing 24x7 support for real-time data communications systems and troubleshooting system problems involving real-time data communications systems desired Experience with virtual environments, VMWare ESXi desired Experience with Physical Access Control Systems (PACS), Honeywell, Genetec desired Experience with ITIL-based Asset and Change Management systems desired Experience with Windows Server/Workstation administration, SQL Server administration, Linux administration desired Experience working in regulated environments such as NERC CIP or others is highly desired Equivalent Experience: Engineer I Associates degree in related field or a Bachelor's Degree in an unrelated field with 6+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 8+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer II Associates degree in related field or a Bachelor's Degree in an unrelated field with 8+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 10+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer III Associates degree in related field or a Bachelor's Degree in an unrelated field with 10+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 12+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Engineer IV - V Associates degree in related field or a Bachelor's Degree in an unrelated field with 13+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR High school diploma with 16+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management. Licenses, Certifications, and/or Registrations: Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus. Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening. Travel: Less than 10%. Unusual Hours: Occasional evening and weekend work may be required, to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed. On-site support for system installs, upgrades . click apply for full job details
Robotics technology LLC
Required Qualifications: Bachelors in Computer Science, Software Engineering, or related field (or equivalent experience Hands-on experience withC++, Python, Perl, or Shell. Strong understanding ofLinux system administration, preferably RHEL. Experience withOpenSSL, TLS, cryptographic protocols, PKCS. Familiarity with Linux cybersecurity tools such asSELinux,fapolicyd, andsecure boot. Ability to assess and remediate cybersecurity vulnerabilities. Excellent debugging, analytical, written, and verbal communication skills. Preferred Qualifications: Experience with theQtapplication framework. Background in SSDLC and secure programming practices. Understanding ofTPM(Trusted Platform Module) and hardware-backed key storage. Certifications such asRHCE, Security+, CISSP, CSSLP, or similar. Understanding ofFDA Cybersecurity Guidance, GDPR, NIST, and compliance frameworks. Knowledge ofIEC 62304and standards for Class II/III medical devices. Prior experience in regulated industries: aerospace, automotive, healthcare, or defense. Required Skills: C++ and Python development Linux administration & system hardening Cryptography & OpenSSL operations Preferred Skills: Secure coding practices Threat modeling & vulnerability remediation Experience in regulated environments Additional Skills: Cross-functional collaboration Documentation and communication proficiency Ability to support multiple phases of software development lifecycle We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.
Required Qualifications: Bachelors in Computer Science, Software Engineering, or related field (or equivalent experience Hands-on experience withC++, Python, Perl, or Shell. Strong understanding ofLinux system administration, preferably RHEL. Experience withOpenSSL, TLS, cryptographic protocols, PKCS. Familiarity with Linux cybersecurity tools such asSELinux,fapolicyd, andsecure boot. Ability to assess and remediate cybersecurity vulnerabilities. Excellent debugging, analytical, written, and verbal communication skills. Preferred Qualifications: Experience with theQtapplication framework. Background in SSDLC and secure programming practices. Understanding ofTPM(Trusted Platform Module) and hardware-backed key storage. Certifications such asRHCE, Security+, CISSP, CSSLP, or similar. Understanding ofFDA Cybersecurity Guidance, GDPR, NIST, and compliance frameworks. Knowledge ofIEC 62304and standards for Class II/III medical devices. Prior experience in regulated industries: aerospace, automotive, healthcare, or defense. Required Skills: C++ and Python development Linux administration & system hardening Cryptography & OpenSSL operations Preferred Skills: Secure coding practices Threat modeling & vulnerability remediation Experience in regulated environments Additional Skills: Cross-functional collaboration Documentation and communication proficiency Ability to support multiple phases of software development lifecycle We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.