IT Security Analyst I - Tucson, United States - Tucson Electric Power

Tucson Electric Power

Verified Company

Tucson, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

About Us:

UNS Energy Corporation, headquartered in Tucson, Arizona, is a subsidiary of Fortis Inc., the largest investor-owned electric and gas distribution utility in Canada.

Our public utility subsidiaries, Tucson Electric Power Company, UNS Electric, Inc. and UNS Gas, Inc., power our economy by providing electric and gas service to nearly 700,000 customers in Arizona.

We embrace a spirit of giving, dedicated to improving quality of life in the communities we have served for generations, and in TEP's case, since the 1890s.

We're building a cleaner, greener grid, with more wind and solar power than ever before, while maintaining safe, reliable, and affordable service.

Your Employer of Choice:

Our culture is rooted in shared core values that define how we work and who we are.

Our team of innovative professionals bring their authentic selves to work each day to power our vision and make a difference.

Be Part of Our Story.

We create opportunities for employees to thrive through:

Continual growth: In an industry changing faster than ever before, our commitment to professional growth and leadership development means we never stop challenging ourselves to explore new possibilities.

-
Active Engagement: We support a collaborative environment, with peer-to-peer learning and employee-driven groups that foster an inclusive culture.
-
Total compensation: UNS Energy Corporation also offers a competitive compensation and benefits package that includes a 401k plan with a generous company match, a company-sponsored pension plan, affordable individual and family health insurance plans, tuition assistance, life insurance, long-term disability insurance and much more.

Hear from some of our employees, here and here.

Job Description - IT Security Analyst I - III:

Position Description

Responsible for the design, planning, testing, implementation, and administration of regulatory requirements and industry-wide accepted information security principles, practices, and information systems to ensure the protection of information assets processed, stored, or transmitted at UniSource.

Evaluate the effectiveness of information security solutions and processes in place, keeping in mind the state of world events.

Monitor for and identify security risks and exposures, determine the causes of security violations, assess, and implement procedures to halt future incidents.

Understand and provide assistance to system users relative to information systems security matters. Participates in a team environment that provides cost-effective IT security services to the various business units. Works closely with other areas to insure optimum reliability and cohesiveness.

Position-Related Responsibilities

Responsible for provisioning and deprovisioning users
Performs security incident response and forensic investigations.
Performs security analysis, including architecture review, baselines, vulnerability assessments, and risk assessments to proactively identify security risks and exposures.
Monitors security events across the network and ensures alerting and resolution of security issues and threats.
Provides antivirus, spam, and malware administration and management.
Provides secondlevel support for the IT Help Desk. Performs 24 x7 support on a rotating basis.
Ensures change control processes are followed and service levels affected by those changes are maintained.
Works with internal and external project managers to complete projects and efforts on time.
Leads or participates in IT projects to provide information security expertise, guidance, or training.
Works with internal and external auditors to implement technical aspects of regulatory/compliance/privacy controls, such as Sarbanes-Oxley, NERC CIP, HIPAA, and PCI DSS.
Works with Human Resources or Legal to provide sensitive investigative or litigation hold support.
Knowledge is expected in the following disciplines:
Authentication and Access Control Tools, Management and Administration
Anti-Virus, Spam and Malware Tools, Management and Administration
Application Security Architecture & Cloud Computing Concepts
Change & Security Configuration Audit and Control
Encryption Processes, Management and Administration
Firewall Management and Administration
Hardware/software Security Testing and Evaluation
Intrusion Detection/Prevention
Incident Response Practices and Procedures
Computer Forensic Practices and Procedures
Layer 2 and 3 routing and switching protocols (TCP/UDP, IPv4, IPv6, OSPF, etc.)
Security Information & Event Management (SIEM) and Logging
Scripting Languages, such as PowerShell
VOIP Technology Security
VPN's (Virtual Private Networks) and SSL
Vulnerability Assessment Practices/Technology (i.e. Operating Systems, Network, Application, Database, and Web)
Wireless Security Infrastructure
Security Industry Standards, such as ISO, NIST & FISMA
Regulatory Requirements of NERC CI