Info Security Engineer II(17958) - Pittsburgh, United States - Duquesne Light Company

    Engineering / Architecture
    Description

    Business Unit: Information Technology (IT)

    Cost Center: CIP Cyber Security Operations (550)

    Job Family: Information Technology

    Discipline: Information Security - Operations and Engineering

    Career Level: Specialist II

    Overall Purpose:

    DLC is seeking candidates for the role of Information Security Engineer I on the Cybersecurity Operations ("Cyber Ops") team, directly supporting NERC CIP requirements and critical infrastructure security. The Information Security Engineer is responsible for ensuring that Duquesne Light systems and networks are secure. This is done through the deployment of security solutions, executing system and application hardening, vulnerability assessments, and diligent monitoring of networks and systems for signs of infection, compromise, and misconfiguration. Additional responsibilities include ensuring that network and system architectures are designed in a way to minimize risk while allowing for necessary functionality and performing Incident Response activities in the event of a security breach. This group is also accountable for communicating information security risks to management and implementing plans to mitigate or resolve identified risks. This role reports directly to the Sr. Manager of CIP Cybersecurity Operations under the Office of the CISO/Information Security organization.

    Job Responsibilities:

    • Day-to-day management of operational execution for areas managed.
    • Directs available resources to accomplish process improvement.
    • Work with the IT Department in the maturation and configuration of security controls including but not limited to antivirus, SIEM, IT/OT vulnerability management, and network security technologies.
    • Effectively and efficiently manage security event monitoring, tuning, and incident response.
    • Responsible for ongoing security engineering support, maintenance, and availability of security toolsets based on business requirements and adherence to tight operational, security, and procedural models.
    • Extensive knowledge of threats, risk analysis, and the development of security systems and protocols.
    • Develop and help IT implement network security controls.
    • Responsible for ensuring adequate and timely resolutions to all assigned issues relating to critical infrastructure security.
    • Ensure optimal configuration standards are met on existing infrastructure.
    • Monitor daily for cybersecurity events on DLC's network, and report findings to the Cybersecurity Operations Supervisor.
    • Review endpoints to confirm compliance with endpoint security policies, procedures, and standards.
    • Performs forensic analysis of host-based systems.
    • Stay up to date on changes in the threat landscape impacting Duquesne's information security program.
    • Research, investigate, communicate, and integrate actionable threat intelligence information in DLC Cyber Security Operations and IT systems.
    • Trains and develops staff. Plans the workflow.
    • Leads workflow changes and implementations for direct team.
    • Perform all other duties as assigned.

    Experience/Skills:

    • Expert level demonstrated understanding of all core cybersecurity topics such as vulnerability management, incident response, endpoint protection and network security.
    • Proficient at technical writing and documenting procedures and processes.
    • Strong interpersonal, communication and organizational skills with the ability to exhibit sound judgment and express verbal and written information effectively.
    • Strong written and verbal communication and presentation skills.
    • Demonstrated ability to interact with people and translate complex concepts into easy-to-follow ideas and present to all levels of the organization.
    • Strong analytical and project management skills.
    • Ability to prioritize efficiently while multi-tasking, dealing with interruptions, and working in a high-paced, energetic environment.
    • Experience participating in security and regulatory audits, including evidence gathering and analysis.

    Preferred:

    • Previous utility experience in transmission and distribution operations, or other industries utilizing SCADA systems and IT/OT environments.
    • Experience with the NERC CIP compliance framework and/or other regulatory frameworks governing Cybersecurity Operations.
    • Experience utilizing security products including Tripwire Enterprise, Trellix ESM, Tenable Nessus, Symantec Endpoint Protection, and Cisco FMC.
    • Experience with Systems Administration in server environments including Microsoft Windows and Linux Operating Systems.
    • Experience with network security controls in air gapped/segmented network environments.
    • Information Security certifications including CISSP, CCNA, SANS GIAC.
    • Experience with coding/scripting languages including Python, PowerShell, and SQL.

    Education/Certification Requirements:

    • Bachelor's or equivalent combination of education and experience – Education in Cybersecurity/Computer Forensics or related field.
    • 10+ years of relevant work experience.

    Scope

    In addition to daily deliverables, outputs and reporting, also considers and recommends longer-term best practices to improve processes based on experience. Accountable for managing one's own time and workflow and may also lead functional project teams. Works independently, requiring guidance in only the most complex situations. Has well-established capabilities and acts as a resource to less experienced staff on complex issues.

    Decision Impact

    Problems and issues faced are vague and require reasoning to identify root cause. Draws on significant past experience to perform role. Accountable for direct level of reasoning and decision making.