Senior Cyber Security Analyst - Generation Operational and Communication Technology (Richmond, VA)
Date: Oct 17, 2022
Location: RICHMOND, VA, US, 23219
Company: Dominion Energy
At Dominion Energy we love our jobs. That's right. Love. Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate. These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever. We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that's proud of its rich legacy. Are you a change agent? Do you think differently? Do you want to fall in love with your job? If you answered -yes,- then read on!
At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.
Job Summary
Dominion Energy's Power Generation Business Unit seeks a Generation Cyber Security Senior Analyst to support the Power Generation fleet (non-nuclear) with computer, communications, and network security in Operational Technology (OT) Industrial Control System (ICS) environments and ICS Cyber Security environments. Primary focus is for Power Generation Solar and Battery Storage Fleet support.
The successful candidate will be able to provide the support noted below in accordance with standards, best practices, and regulatory requirements, for the operating units and auxiliaries:
- Provide ongoing support and oversight for the Industrial Control System (ICS) cyber security and secure network communications. (e.g.: SCADA Systems, DMZ Communications and Replication Systems/Software, Programmable Logic Controller systems -PLC-, Distributed Control Systems -DCS, etc.)
- Recommend and support the implementation of architectures necessary for Power Generation's cyber security and compliance posture.
- Design, Implement and manage system installations, modifications, and integration of communication protocols and programs/tools in support of secure ICS data and control communications.
- Provide hands on support with computer, software, and network device implementations, account management and review, security hardening, modifications, updates, patches, troubleshooting, and replacement.
- Research, develop, and implement cyber security architectures and communications necessary to maintain the plant cyber security and compliance posture.
- Uphold responsibilities in support of Power Generation and related cyber security project implementations and initiatives.
- Develop and implement secure software and network communication architectures to support data and access communication needs.
- Provide firewall rule development, review, and investigation and coordinate with Power Generation Cyber Security and Information Technology (IT) Groups.
- Provide cyber security and communications related monitoring, surveillance, and troubleshooting.
- Support cyber security event investigation in coordination with the Incident Response Team.
- As needed: review, analyze, and investigate logs, events, and alerts for potential security breaches.
- Monitor cyber security best practices, industry trends, and regulatory requirements while identifying gaps in cyber security controls and recommend/implement technical or administrative solutions to remediate.
- Follow policy and procedures established by Power Generation Regulatory Compliance and Corporate Cyber Security.
- Support deployment of cyber security equipment patches and upgrades in accordance with policy.
- Review and approve change management and design change packages for cyber security and compliance impacts.
- Address and resolve ICS-CERT vulnerabilities in coordination with compliance and station personnel.
- Develop technical procedures and guidance documents.
- Mentor other staff members to broaden knowledge and technical expertise across the team.
Required Knowledge, Skills, Abilities & Experience
Required experience : 5+ years of experience in operational technology cyber security, system administration, networks, firewalls, and management of Windows operating systems security (Note: A partial year of related work experience of 6 months or greater will be considered one year towards the qualifications; A an advanced degree can count as one year experience)
Must have a 'hands on' experience/understanding utilizing cyber security processes and technologies including:
- Cyber security technologies such as network intrusion detection systems, logging and monitoring tools, antivirus tools, whitelisting tools, malware prevention tools, incident response tools, asset inventory systems and security analytics platforms
- Incident analysis, root cause analysis, and problem resolution
- An understanding of industrial control system networks, switches, and firewalls, and the differences of these OT systems from IT systems when applying cyber security controls.
- Strong experience with workstation and server security, protection, and software.
- Experience in security aspects of multiple platforms, operating systems, software, communications, and network devices, architectures and topologies.
- Strong Experience with Network devices (network switches, firewalls, routers)
Other requirements:
- Strong level of understanding of security principles, technologies, best practices, and NIST ICS guidance.
- Excellent analytical and problem-solving skills.
- Ability to coordinate multiple projects and assignments concurrently and manage deadlines.
- Strong verbal, written, interpersonal and leadership skills.
- Ability to successfully work both independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
Preferred Skills:
Systems Security Certified Practitioner (SSCP)
Certified Information System Security Professional (CISSP)
Familiarity with Industrial Control Systems (DCS, PLC, SCADA) and third-party datalink protocols (e.g. Modbus, DNP, ABPLC
Strong Microsoft/Cisco system administration experience.
Microsoft Certifications
Network Certifications
*The company is actively seeking United States military veterans and service members who meet the qualifications.
- Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined.
Education Requirements
Required : Bachelor's Degree
Preferred Disciplines:
Computer Science
Engineering
Information Systems
Other Bachelor of Engineering or Science disciplines may be substituted
Licenses, Certifications, or Quals Description
Systems Security Certified Practitioner (SSCP) preferred
Certified Information System Security Professional (CISSP) preferred
Microsoft Certifications - MCSA, MCSE, MCA
Linux Certifications - RHCSA, RHCE, RHCA, LPIC-1, LPIC-2
Firewall Certifications - Fortinet NSE4, 5, 6, 7, 8, PCCET, PCNSA, PCNSE
Network Certifications - CCNA, CCNP, CCIE, RHCSA, RHCE, RHCA
Security Certifications - OSCP, eCPPT, CISSP, SSCP
GIAC Certifications - GICSP, GRID, GCIP, GCIH, GCIA, GCFE, GPEN, GSEC
Valid driver's license
Working Conditions
Cold Up to 25%
Dust / Grease / Oil Up to 25%
Heat Up to 25%
Loud Noise Up to 25%
Operating Machinery Up to 25%
Travel 51-75%
Other Working Conditions
Test Description
No Testing Required
Export Control
Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.
Other Information
We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more. To learn more about our benefits, click here
Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.
You can experience the excitement of our company - it's the difference between taking a job and starting a career.
Nearest Major Market: Richmond
Job Segment: Testing, Network, Nuclear Engineering, Linux, Nuclear, Technology, Engineering, Energy
