IT SECURITY ANALYST
The IT Security Analyst II will be a leading member of the OT security team tasked with assisting in the development of strategies, defining roadmaps, and device administration for security related activities including compliance, governance, next generation firewalls, end point protection solutions, and all other security related work in the OT space. The incumbent will assist in designing, implementing and managing information security controls in addition to evaluating and identifying new areas of risk associated with new projects and company initiatives.
What You Will Be Responsible For:
· Participate in the develop of strategies and roadmaps to continually evolve security posture and mitigate risk in the OT space.
· Participate in the development of overall architecture design and engineering across all OT security areas.
· Work with owners of various systems to address security related concerns including DCS, SCADA, measurement, communications, etc
· Be actively involved in all stages of OT related projects ensuring security solutions are effectively developed and ultimately implemented.
· Oversee the scheduling and implementation of hardware repairs and new projects.
Next generation firewall administration.
· End point protection administration.
· Participate in the develop of firewall policies and standards built upon industry best practices.
· Participate in the management of security best practices including patching, hotfixes, vulnerability management, etc.
· Audit firewall policies and internal security controls and report findings and recommendations.
· Maintain firewall performance and address security alerts by performing monitoring, analysis and tuning.
· Evaluate, design and implement new technologies.
· Participate in the development and maintenance of processes, procedures and documentation related to security controls and technology.
· Participate in the development of information security metrics and scorecards.
· Responsible for reviewing trouble tickets and participating in change management activities.
· Responsible for pricing and ordering related equipment.
Qualifications – External
· Bachelor’s Degree in Computer Science or related field preferred.
· 8-10 years of IT/OT security experience including system design, compliance, implementation, analysis and administration.
· Experience performing security assessments and gap analysis.
· Experience with pen testing and scripting desired.
· A wide base of experience in multiple security related disciplines including firewall administration, antivirus administration, IDS/IPS configuration, logging and analysis, security best practice methodologies, etc.
· Foundational understanding of network technologies, common applications and their associated ports and protocols.
· Foundational understanding of Active Directory and Citrix technologies.
· Ability to work independently and communicate within a team environment.
· Excellent interpersonal and communication skills with the ability to relate technical issues to non-technical management.
· Strong skills in IT/OT security system design, analysis, and problem solving.
· Security related professional certifications preferred, including but not limited to CISSP, GICSP, CEH, OSCP, etc.
· Experience with energy-related systems and technology desired.
· Strong organizational skills, ability to multi-task.
· Assume on call support when required.
· After hours work may be required due to outages, implementation and maintenance windows.
· Overnight travel occasionally required, 10%
· Experience with Palo Alto firewalls and Meraki Networking equipment.