Senior Cyber Security Analyst – Power Generation Controls and Operational Technology

Job Summary

Dominion Energy’s Power Generation Business Unit seeks a Generation Cyber Security Senior Analyst with experience in computer and network security in Industrial Control System (ICS) environments to support the Power Generation Station (non-nuclear).

This position is located at Dominion Energy’s 600 Canal Place location in Richmond, Virginia.

Job Summary & Responsibilities:

The successful candidate will be able to provide the support noted below in accordance with standards, best practices, and regulatory requirements, for the operating units and auxiliaries:

1. Oversee and provide ongoing support for the Industrial Control System (ICS) cyber security systems and program.
2. Oversee the support and management of and proficiently utilize cyber security systems deployed in protection of ICS/DCS/PLC/SCADA assets, including asset inventory systems, change management, network intrusion detection, file security, anti-virus, whitelisting, SIEM, WSUS, backup/restore, and firewall rule development along with review and investigation of system event logs.
3. Recommend, support, and lead the implementation of architectures necessary to maintain Power Generation’s cyber security and compliance posture.
4. Implement and Manage System installations, modifications, and integration of communication programs and cyber tools in support of secure ICS data and control communications.
5. Perform computer (hardware/software) and network switch installations, modifications, and replacements as needed.
6. Serve as a cyber security team member and uphold responsibilities in support of the fleet and related project implementations.
7. Perform firewall rule reviews and investigation.
8. Coordinate with Power Generation Corporate Cyber Security and IT for enterprise firewall rule change requests as needed.
9. Follow policy, procedures, and Power Generation Corporate Cyber Security guidance.
10. Provide monitoring, surveillance, and troubleshooting of cyber security systems.
11. Support and/or lead for cyber security event investigation in coordination with Incident Response Team.
12. As needed: review, analyze, and investigate logs, events, and alerts for potential security breaches and follow incident response procedures.
13. Develop procedures for review by the corporate Cyber Security lead and/or compliance group.
14. Support deployment of cyber security equipment patches and upgrades recommended by the Corporate Cyber Security Lead in accordance with policy and procedures.
15. Review industry guidance for cyber security, identify gaps in cyber security controls and recommend/implement technical or administrative solutions to remediate.
16. Review change management records and design change packages for cyber security compliance and impacts.
17. Address and resolve ICS-CERT vulnerabilities in coordination with Power Generation Regulatory Compliance (PGRC) and station cyber security personnel.
18. Ensure system drawings and documentation are revised as needed.
19. Verify that corporate and station managed projects follow approved cyber security practices.

Relocation assistance can be offered to the successful eligible candidate.

Required Knowledge, Skills, Abilities & Experience

1) At least five years of experience in IT/OT cyber security, system administration, networks, firewalls, and management of Windows operating systems security – or – 7 years of a combination of this experience and ICS experience.

2) Must have a ‘hands on’ understanding of cyber security processes and technologies including,

⦁ Security technologies such as network intrusion detection systems, logging and monitoring tools, antivirus tools, whitelisting, malware prevention, incident response tools, asset inventory systems and security analytics platforms;
⦁ Incident analysis, root cause analysis, and problem resolution
⦁ An understanding of industrial control system networks, switches, and firewalls, and the differences from IT systems when applying cyber security controls on OT systems.
⦁ An understanding of workstation and server security and protection
⦁ Experience in security aspects of multiple platforms, operating systems, software, communications, and network architecture and topologies.
⦁ Network devices

Other requirements:

1) Strong level of understanding of IT/OT security principles, technologies, best practices, and NIST ICS guidance.
2) Excellent analytical and problem solving skills. Ability to work independently and in a team environment to identify errors, pin point root causes, and devise solutions with minimal oversight.
3) Ability to coordinate multi-project assignments and manage deadlines.
4) Strong Microsoft/Cisco system administration experience.
5) Strong leadership and interpersonal skills;
6) Strong verbal and written communication skills;

Preferred Skills:

⦁ Systems Security Certified Practitioner (SSCP)
⦁ Certified Information System Security Professional (CISSP)
⦁ Familiarity with Industrial Control Systems (DCS, PLC, SCADA) and third-party datalink protocols (e.g. Modbus, DNP, ABPLC).
⦁ Microsoft Certifications

Note: A partial year of related work experience of 6 months or more rounds to one full year of qualifications.
The company is actively seeking United States military veterans and service members who meet the qualifications.
• Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined.

Education Requirements

Preferred: Bachelor
Computer Science
Electrical Engineering
Information Technology
Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description

• Systems Security Certified Practitioner (SSCP) preferred
• Certified Information System Security Professional (CISSP) preferred
• Microsoft Certifications – MCSA, MCSE, MCA
• Linux Certifications – RHCSA, RHCE, RHCA, LPIC-1, LPIC-2
• Firewall Certifications – Fortinet NSE4, 5, 6, 7, 8, PCCET, PCNSA, PCNSE
• Network Certifications – CCNA, CCNP, CCIE, RHCSA, RHCE, RHCA
• Security Certifications – OSCP, eCPPT, CISSP, SSCP
• GIAC Certifications – GICSP, GRID, GCIP, GCIH, GCIA, GCFE, GPEN, GSEC

Working Conditions

Other Working Conditions

Test Description

No Testing Required