At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams. Apply here to start an extraordinary career today.
The Cyber Threat Analyst (Global) directly supports the Infrastructure Security Organization for all ongoing activities that serve to provide appropriate access to, and protect the confidentiality, integrity and availability of employee and business information in compliance with organization policies, procedures and regulatory requirements including NERC’s Cyber Security Standards.
Specifically, this position is responsible for supporting the design, implementation and maintenance of NERC CIP (Critical Infrastructure Protection) programs related to the NERC and associated systems.
Possesses sufficient knowledge of IP (internet protocol) devices, networking, and power system operation to effectively interpret evolving NERC CIP regulations and develop effective programs that ensure compliance.
Has a working knowledge of computer networking concepts and a general knowledge of the concepts involved in operating a power delivery system. Communicates effectively with internal and external customers and responds to requests for supporting information, including extensive audits.
This position is a NERC regulated position. As such, a background check will be conducted on the incumbent every seven years. Additionally, the incumbent will be required to complete annual NERC and other compliance training.
Principal Duties and Responsibilities:
- Assist in the design and development of Security implementations
- Develop and implement standards and operating procedures
- Maintain proper change management documentation for all hardware and software modifications
- Conduct routine hardware and software audits of all supported security devices to ensure compliance with established standards, policies, procedures, and requirements
- Participate in the Cyber Incident Response Team (CIRT)
- Lead and ensure the fulfillment of team responsibilities including:
- Perform all required operational maintenance and troubleshooting of supported security assets
- Perform daily backup and recovery operations for the supported security assets
- Participate in disaster recovery planning, development, exercises, and actual events
- Evaluate and test software changes and updates supplied by vendors, prior to installation
- Work with vendors, application developers, database administrators, corporate IT, and other technology groups to resolve any problems
- Provide reliable 24 x 7 support
- Performance management and development for direct reports
- Participate in budgeting and purchasing processes
- Other duties as assigned
Required: This position will require excellent problem solving and decision making skills, the ability to work with minimal supervision, and the ability to perform duties effectively under emergency situations. The candidate must possess a competency in the following security related areas: Firewalls, Intrusion Detection Systems, network switches, network routers, network design, VPN implementation, TCP/IP communication, writing information security policies, performing information security assessments, computer forensics, anti-virus, patch evaluation, event monitoring systems, and network analysis.
- Bachelors Degree in Computer Science, Information Systems, Engineering or other related field
- Certification(s) in Information Security; CISSP, CISM, ISSEP, CISA or SANS and technical certification in Cisco, Microsoft, Linux or Unix
- Must have excellent planning, organizational, verbal and written communication skills
- Ability to express complex technical concepts effectively, both verbally and in writing
- Must have the ability to work well with people from varying disciplines with varying degrees of technical experience
- Strong LAN/WAN infrastructure knowledge, technical writing skills and comprehension of technical manuals
- This position requires a thorough understanding of diverse system and network architectures
Preferred: An ideal candidate would have experience in the Energy or Utility industry, experience supporting a 24 x 7 real time operations environment, experience supporting systems subject to regulatory compliance requirements, or experience with FERC, NERC, RFC, or PJM.
AES is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, genetic information, disability or protected veteran status. E-Verify Notice: AES will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s I-9 to confirm work authorization.
Create an extraordinary future.
AES people raise the quality of life in communities around the world – from bringing electricity to rural communities in El Salvador for the first time, to engineering battery storage that makes a clean energy future possible. That’s a 24/7 responsibility, so we work like a 21,000-person start-up – all in, full-on, in small, hyper-connected teams of people from different divisions, specialties and cultures.
We recognize and reward contribution from anyone, anywhere. The only limit to our influence and impact is our own commitment. We measure our careers by the difference we make to our communities, colleagues and families. So we care as much about how we act as what we do, at work and in life. We don’t just work at AES. We work for AES. We are AES.