Under the general supervision of the Power & Light NERC Compliance Supervisor, this position is responsible for maintaining adherence to NERC CIP requirements to protect critical cyber assets; actively participate in security publications and conferences to keep abreast of cyber vulnerabilities and threats; collect and monitor security logs; serve as a network security subject matter expert; setup and manage firewalls, switches, two-factor authentication, Microsoft Active Directory, remote VPN access, and anti-malware software; monitor and record baseline configurations; manage data backups and data recovery; and troubleshoot performance problems. Coordinates closely with the City cyber security staff in efforts to perform risk assessments and develop mitigation plans as needed. Assists NERC CIP Coordinator and NERC Compliance Supervisor to maintain the confidentiality, integrity, and availability of Power & Light information systems and networks. Understands all aspects of the Power & Light networks, operating systems, hardware and software platforms, and protocols as they relate to information security. Maintains awareness of potential cyber threats to the system, and installs, configures, and maintains information security equipment.
Minimum Qualifications: Any combination of education, training and experience which provides the required knowledge, skills, and abilities to perform the essential functions of the job. Experience in information security program administration and enforcement; installation, setup and operation of network routers, switches, firewalls, data encryption devices and intrusion protection devices; implementation of regulatory and industry standard information security compliance strategies; and information or cyber security incident responses and forensics.
Preferred Knowledge, Skills & Abilities: Prefer Bachelor’s degree in computer science, computer technology, or information technology, with three or more years information security administration and/or network administration experience to include recent hands-on technical experience with Cisco firewalls, Microsoft clients and servers, Microsoft Active Directory, DNS, Group Policy Objects, Microsoft local security policy, event log collection and review, antivirus and antimalware prevention strategies, access control lists, IP routing, email server and client, encryption, high availability in a secure environment, RAID, backup and restore tape and disk-to-disk. Three or more years of experience with Dell or HP computers and network managed switches in a VLAN. Two or more years working within NERC CIP or another security standard (FISHMA, HIPAA, SOX GLBA, PCI, etc.). One or more years of forensic work, e-discovery, malware analysis. One or more years of experience working with IIS, FTP, SharePoint, Office365. Knowledge of North American Energy Reliability Corporation (NERC) Standards, dealing with information security policies; technical concepts in relation to information security; network security vulnerabilities; information assurance and related activities; procedures for performing network systems security assessments and security product evaluations; networking with TCP/IP; recordkeeping, report preparation, filing methods and records management techniques; advanced mathematics used to analyze and evaluate various scenarios. Skill in organizing work, setting priorities, and meeting critical deadlines; using a computer to accurately and rapidly enter and retrieve data and information; communicating clearly and effectively, orally and in writing. Ability to read and interpret procedure, professional and technical documents; write reports, correspondence, procedure manuals; trouble shoot computer network problems; apply concepts such as fractions, percentages, ratios and proportions to practical situations; interpret a variety of instructions in written, oral, diagram or schedule form. While not required, one or more of the following certifications are desired: SSCP, CISSP, CISA, CISM, GSEC, GCFW, GSWN, GISF, GSEC, CCNP, CCNA, MCSE. Network Security Engineers are encouraged to apply. Must be able to complete required NIMS (Disaster Recovery) training within six (6) months of hire.
Physical Demands: Using hands to finger, handle, or feel; reaching with hands and arms; normal hearing, visual acuity and eye-hand coordination; stoop, crouch, or knell; and lifting and/or moving up to 50 pounds.
Typical Working Conditions: Office environment, typically moderately quiet. Typical work hours are 8:00 a.m. to 5:00 p.m. Monday through Friday, with city holidays and benefits. Some after work hours during nights, weekends, and holidays may be required during system outages or major upgrades. A strong ethical demeanor and teamwork attitude is paramount.
Drug Testing; Security Background Check
In addition to the Application, testing and/or examinations may be required for further consideration on this position.
You may apply on-line www.indepmo.org/hr or apply in the Human Resources Department, 2nd floor, City Hall, 111 E. Maple Independence, MO 64050. Position Open Until September 13, 2013.
EQUAL OPPORTUNITY EMPLOYER – BILINGUAL SKILLS PREFERRED