Talent.com
Cyber Security Analyst Progression Job Details | New Mexico Gas Co - Peoples Gas - Tampa Electr

Cyber Security Analyst Progression Job Details | New Mexico Gas Co - Peoples Gas - Tampa Electr

TECO EnergyApollo Beach, FL, US
7 hours ago
Job type
  • Full-time
Job description

Overview

Title : Cyber Security Analyst Progression

Company : Tampa Electric Company

State and City : Florida- North Ruskin

Shift : 8 Hr. X 5 Days

Cyber Security Analyst Progression

Cyber Security Analyst – Level 1

Position Concept :

The Cyber Security Analyst – Operational Technology (OT) is responsible for maintaining the security and integrity of OT systems through routine cybersecurity maintenance activities. Manages and improves the asset inventory database to ensure accurate visibility and tracking of OT. Supports the development and implementation of the organization's OT Cybersecurity program and framework, aligning activities with industry standards and regulatory requirements. Collaborates with cross-functional teams to ensure consistent security controls and continuous improvement of cybersecurity posture.

Cyber Security Analyst Sr – Level 2

Position Concept :

The Cyber Security Analyst Sr is responsible for addressing OT vulnerabilities by taking corrective action or following escalation procedures, assessing threat landscape, confirming secure configuration of Tampa Electric's OT assets, identifying vulnerabilities, and developing remediation plans. Develop cybersecurity maintenance procedures and enforce OT cybersecurity framework and standards. Evaluate IT-related needs of OT environment and team members, and identify cybersecurity awareness gaps. Evaluate OT cyber assets and assign criticality ratings; develop remediation plans for gaps in compliance. Has increased responsibilities in security intelligence monitoring, incident response, and development of cybersecurity maintenance procedures. May serve as a project lead and mentor Cyber Security Analyst. Works under general supervision.

Cyber Security Analyst Lead – Level 3

Position Concept :

The Cyber Security Analyst Lead is responsible for maintaining and improving OT cybersecurity framework and standards, reviewing maintenance procedures and threat landscape assessment, implementing vulnerability management technologies and remediation plans. Lead will facilitate asset criticality evaluation, maintain cybersecurity maintenance schedule, and train staff. Maintain and improve OT cybersecurity program in alignment with latest industry standards (NERC, NIST); build cross-department IT-OT collaboration; educate team on latest cybersecurity trends. Has increased responsibilities in evaluating industry standards and adopting them into cybersecurity controls. May serve as a project lead and mentor to other department team members.

Duties and Responsibilities

Level 1 :

  • Identifies cyber assets, examines and extracts asset configuration, updates OT cyber asset database.
  • Installs security patches, updates antivirus definitions, and creates system backups. Maintains baselines of operational systems and updates the cybersecurity SharePoint site for stakeholder engagement.
  • Reviews new CVEs from external sources for applicability to operational assets.
  • Assists OT team with IT-related work : software and hardware of HMIs and network appliances, remote connectivity.

Level 2 :

  • Evaluates network architecture, system configuration, and external connection layout to ensure OT systems' compliance with the cybersecurity program.
  • Reviews vendor manuals, training materials, industry standards, and develops cybersecurity maintenance procedures.
  • Provides activity planning guidance, feedback on work, and training to Cybersecurity Analysts.
  • Evaluates new CVEs for applicability to OT cyber assets.

    • Level 3 :

  • Translates applicable standards (NERC CIP, NIST CSF, NIST 800-53, etc.) into solutions.
  • Reviews, revises, and updates Energy Supply's OT cybersecurity standards and procedures.
  • Evaluates Energy Supply's OT systems and coordinates actions to maintain regulatory compliance.
  • Develops management responses to internal and external audits and data requests with management and team members.
  • Reviews OT cyber asset management processes. Trains and educates team members and fosters IT-OT collaboration.

    • Education, Licenses & Certifications

    Education : Level 1, 2 and 3 — Required : High School Diploma or equivalent. Preferred : Bachelor's Degree in Computer Science, Information Systems, or other IT-related discipline.

    Licenses / Certifications : Level 1, 2 and 3

    Required : One related Information Security professional certification (or ability to obtain within one year of hire) from vendors such as CISCO, (ISC)2, GIAC, ISA, ISACA, CompTIA, e-Council, etc.

    Preferred : Three or more of the following or similar Information Security certifications (examples : ACE, CCE, CAP, CEH, CCNA, CISA, CISM, CISSP, CRISC, OSCP, etc.).

    Experience :

    Level 1 – Required : 5 years of related Cyber Security, industrial automation, IT, OT, or technical experience, or 1 year with a Bachelor's degree, or 3 years with an Associate degree in related fields.

    Level 2 – Required : 6 years of related experience, or 2 years with a Bachelor's degree, or 4 years with an Associate degree.

    Level 3 – Required : 8 years of related experience, or 4 years with a Bachelor's degree, or 6 years with an Associate degree.

    Knowledge, Skills & Abilities (KSA)

    Level 1 :

    Required : Basic knowledge of OT components and major OS security; incident response, monitoring, and forensics basics; basic networking; basic indicators of compromise; basic packet and malware analysis; regulatory requirements (NERC CIP, SOX, PCI); good analytical and communication skills.

    Level 2 :

    Required : Advanced knowledge of OS security, web / server security, network security; advanced incident response and forensics; scripting (Python, Bash, PowerShell); penetration testing; regulatory compliance; strong analytical and communication skills.

    Level 3 :

    Required : Thorough to expert knowledge across OS security, security controls, forensics, scripting, and regulatory compliance; strong analytical and communication skills. Preferred : reverse engineering malware and further regulatory knowledge.

    Competencies

    Builds Strong, Collaborative Relationships; Cultivates Innovation and Embraces Change; Develop People and Teams; Safety, Health, and Environment; Drives Operational Excellence for Customers; Takes Ownership & Acts with Integrity; Thinks Strategically & Exercises Sound Judgment

    Working Conditions

    Travel between power plants. May require assistance responding to cybersecurity incidents outside of normal business hours.

    Physical Demands

    Requires PPE at power plants. May require interaction with equipment in computer rooms near hot and audible equipment. May require light lifting, stairs, and reaching.

    TECO offers a competitive Benefits package including : Salary, 401k with company matching, Pension, PTO, Holiday time, Medical / Dental / Vision, Tuition Assistance, EAP, Wellness programs, On-site Fitness Centers, Bonus Plan, and more.

    Storm Duty Requirements

    Responding to storms is a condition of employment. TECO Energy and its companies provide critical services during emergencies; team members may be required to participate in response / recovery activities. Proper compensation will be provided per company rules and procedures.

    Equal Opportunity & Accessibility

    TECO Energy is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to protected characteristics, with accommodations as required by law. Pay transparency and ADA policies are included as part of employment considerations. Application accommodations are available upon request.

    J-18808-Ljbffr

    Create a job alert for this search

    Cyber Security Analyst • Apollo Beach, FL, US