Senior Cyber Security Analyst - Power Generation Controls and Operational Technology (Richmond, VA)
At Dominion Energy we love our jobs. That's right. Love. Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate. These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever. We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that's proud of its rich legacy. Are you a change agent? Do you think differently? Do you want to fall in love with your job? If you answered -yes,- then read on!
"The company is actively seeking United States military veterans and service members who meet the qualifications outlined below.-
At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.
Job Summary
Dominion Energy's Power Generation Business Unit seeks a Generation Cyber Security Senior Analyst to support the Power Generation fleet (non-nuclear) with computer, communications, and network security in Operational Technology (OT) Industrial Control System (ICS) environments and ICS Cyber Security environments. This position is located at Dominion Energy's Thomas F. Farrell II Building, 600 E. Canal Street, Richmond, Virginia.
The successful candidate will be able to provide the support noted below in accordance with standards, best practices, and regulatory requirements, for the operating units and auxiliaries:
Provide ongoing support and oversight for the Industrial Control System (ICS) cyber security systems. (ICS e.g.: Distributed Control Systems -DCS-, Programmable Logic Controller systems -PLC-, SCADA).
Proficiently utilize, manage, and support cyber security systems deployed in protection of ICS assets, including inventory systems, change monitoring, network intrusion detection, file security, anti-virus, whitelisting, SIEM, WSUS, backup/restore, and network device management.
Recommend and support the implementation of architectures necessary for Power Generation's cyber security and compliance posture.
Implement and manage system installations, modifications, and integration of communication protocols, programs, and cyber tools in support of secure ICS data and control communications.
Provide hands support with computer, software, and network device implementations, security hardening, modifications, updates, patches, troubleshooting, and replacement.
Research, develop, and implement cyber security architectures and communications necessary to maintain the plant cyber security and compliance posture.
Serve as a cyber security team member and uphold responsibilities in support of the fleet and related cyber security project implementations and initiatives.
Develop and implement secure software and network communication architectures to support data and access communication needs.
Provide firewall rule development, review, and investigation.
Coordinate with Power Generation Cyber Security and Information Technology (IT) Groups for enterprise firewall rule change requests as needed.
Provide monitoring, surveillance, and troubleshooting of ICS cyber security systems.
Support cyber security event investigation in coordination with the Incident Response Team.
As needed: review, analyze, and investigate logs, events, and alerts for potential security breaches.
Monitor cyber security best practices, industry trends, and regulatory requirements while identifying gaps in cyber security controls and recommend/implement technical or administrative solutions to remediate.
Follow policy and procedures established by Power Generation Regulatory Compliance and Corporate Cyber Security.
Develop specific procedures and support deployment of cyber security equipment patches and upgrades in accordance with policy.
Review and approve change management and design change packages for cyber security and compliance impacts.
Address and resolve ICS-CERT vulnerabilities in coordination with compliance and station personnel.
Develop technical procedures and guidance documents.
Ensure system drawings and documentation are revised as needed.
Act as a mentor to other staff members to broaden knowledge and technical expertise across the team.
Required Knowledge, Skills, Abilities & Experience
Required experience : 5+ years of experience in operational technology cyber security, system administration, networks, firewalls, and management of Windows operating systems security (Note: A partial year of related work experience of 6 months or greater will be considered one year towards the qualifications; A an advanced degree can count as one year experience)
Must have a 'hands on' experience/understanding utilizing cyber security processes and technologies including:
Cyber security technologies such as network intrusion detection systems, logging and monitoring tools, antivirus tools, whitelisting tools, malware prevention tools, incident response tools, asset inventory systems and security analytics platforms
Incident analysis, root cause analysis, and problem resolution
An understanding of industrial control system networks, switches, and firewalls, and the differences of these OT systems from IT systems when applying cyber security controls.
Strong experience with workstation and server security, protection, and software.
Experience in security aspects of multiple platforms, operating systems, software, communications, and network devices, architectures and topologies.
Strong Experience with Network devices (network switches, firewalls, routers)
Other requirements:
Strong level of understanding of security principles, technologies, best practices, and NIST ICS guidance.
Excellent analytical and problem solving skills. Ability to work independently and in a team environment to identify errors, pin point root causes, and devise solutions with minimal oversight.
Ability to coordinate multi-project assignments and manage deadlines.
Strong Microsoft/Cisco system administration experience.
Strong leadership and interpersonal skills;
Strong verbal and written communication skills
Ability to successfully work both independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
Preferred Skills:
Systems Security Certified Practitioner (SSCP)
Certified Information System Security Professional (CISSP)
Familiarity with Industrial Control Systems (DCS, PLC, SCADA) and third-party datalink protocols (e.g. Modbus, DNP, ABPLC
Strong Microsoft/Cisco system administration experience.
Microsoft Certifications
Network Certifications
*The company is actively seeking United States military veterans and service members who meet the qualifications.
- Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined.
Education Requirements
Required : Bachelor Degree
Preferred Disciplines:
Computer Science
Engineering
Other Bachelor of Engineering or Science disciplines may be substituted for the approved disciplines stated above at discretion of the hiring manager
Licenses, Certifications, or Quals Description
Systems Security Certified Practitioner (SSCP) preferred
Certified Information System Security Professional (CISSP) preferred
Microsoft Certifications - MCSA, MCSE, MCA
Linux Certifications - RHCSA, RHCE, RHCA, LPIC-1, LPIC-2
Firewall Certifications - Fortinet NSE4, 5, 6, 7, 8, PCCET, PCNSA, PCNSE
Network Certifications - CCNA, CCNP, CCIE, RHCSA, RHCE, RHCA
Security Certifications - OSCP, eCPPT, CISSP, SSCP
GIAC Certifications - GICSP, GRID, GCIP, GCIH, GCIA, GCFE, GPEN, GSEC
Working Conditions
Cold Up to 25%
Dust / Grease / Oil Up to 25%
Heat Up to 25%
Loud Noise Up to 25%
Operating Machinery Up to 25%
Travel 51-75%
Other Working Conditions
Test Description
No Testing Required
Export Control
Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.
Other Information
We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more. To learn more about our benefits, click here
Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.
You can experience the excitement of our company - it's the difference between taking a job and starting a career.
Top 3 Reasons to Work at Dominion Energy
There are many reasons to work at Dominion Energy, but below are the top three employees have shared with us. Click on each of the links to learn more!
About Dominion Energy
I am your warm cup of coffee in the morning and I light your home at night. I am the cool breeze from your A/C on the hottest day in summer, and the red coil that heats your soup pot on a frigid winter's day. I am sustainable, reliable and affordable.
I am not just any energy... I am Dominion Energy.
We're transforming the way we do business to build a more sustainable future for the planet, our customers, our team and our industry. We're shaping the future of energy in America.
Join us!
Facts:
.17,000 employees
.Headquarters: Richmond, VA
.16 states in the US
.$100 billion of assets
.Nearly $35 million in charitable contributions
.100,000+ volunteer hours recorded in the community
Our Commitment to NetZero by 2050
We've cut carbon emissions from our electric generation business by approximately 43% (since 2005) and methane emissions from our natural gas business by 32% (since 2010) - and we're just getting started . By growing wind, solar, and renewable natural gas and pursuing innovative technologies, we expect to achieve net zero emissions by 2050. We've also committed to reducing the emissions of our suppliers and customers - so we can all move forward together.
Nearest Major Market: Richmond
Job Segment: Testing, Network, Computer Science, Cisco, Nuclear Engineering, Technology, Engineering
