Security Engineer

This Engineer role, is part of my clients Security Operations department and is responsible for protecting the cyber assets that support them and their sister companies digital operations. The position focuses on conducting cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The Engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will bring a strong background in power engineering and substation design including protective relaying and control systems along with experience in cybersecurity and NERC CIP compliance.

Performs duties related to ensuring that the systems and networks used for operations are managed securely and in compliance with NERC Critical Infrastructure Protection (CIP) standards. Supports and implements physical and cyber security programs including projects related to the security of the digital operations infrastructure and NERC CIP Compliance. Identifies, designs, and implements innovative solutions and uses of security technologies that enable smooth business and operations activities. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives.

Job Duties :

• Engineer IIIDevelops and maintains components of the company's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes.Identifies, documents, and implements approved improvements to existing technical and operational processes.Develops, documents, and implements NERC CIP related policies, processes, and procedures.Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts.Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure the company's digital operations infrastructure and security posture.Collaborates with other functional departments including some sister company's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, Power Technology, Human Resources and SSIT leading efforts to ensure that the systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and cyber security policies and procedures.
• Engineer IV - VDevelops and maintains components of physical and cyber security programs. Serves as Lead Engineer or Architect of major Power Technology enterprise-level projects associated with initiatives with significant impact to operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes.Leads initiatives that identify improvements to existing technical and operational processes.Develops, documents, and implements NERC CIP related policies, processes, and procedures.Leads corporate efforts in identifying, studying, and implementing technologies to secure digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies.Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts.Leads corporate efforts in identifying, studying, and implementing new technologies to secure the companies digital operations infrastructure and security posture.Collaborates with other functional departments including System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and Power Technology, Human Resources and SSIT leading strategic initiatives and projects that ensure systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and cyber security policies and procedures.

Required Qualifications :

Education : Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems / Technology, or a related field.

Experience :

Equivalent Experience :

Associates degree in related field or a Bachelor's Degree in an unrelated field with 10+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, OR

High school diploma with 12+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management.

Associates degree in related field or a Bachelor's Degree in an unrelated field with 13+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management, ORHigh school diploma with 16+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management.

Licenses, Certifications, and / or Registrations : Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus.

Specialized Skills : Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.

Travel : Less than 10%.

Unusual Hours : Occasional evening and weekend work may be required, to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed. On-site support for system installs, upgrades, assessments as required by CIP compliance