Applications will be accepted through April 22, 2024 - Apply on-line at www.wfec.com
A Senior/Security Systems Analyst in the IT Infrastructure Department is open for placement. This one position could be filled at a Security Systems Analyst or Senior Security Systems Analyst level based on the applicant's education and experience, see the Qualifications section for additional requirements.
SUMMARY: Under the general supervision of the Supervisor, Information Security, the Senior/Security Systems Analyst will assist in the engineering, design, installation, maintenance, and troubleshooting of equipment and systems related to the cyber security operations of the organization. Adherence to North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) regulations and strict change control is required. The incumbent will develop operational and security documentation for standards related to cyber systems. Secondarily, the incumbent will provide host and network cyber security analysis, controls, and remediation to the organization. The incumbent will operate in the business networks as well as the operational technology networks. Participation in in-house, regulatory, and industry teams, to include but not limited to, working groups, committees, incident response teams, and business continuity teams is required. In addition, the incumbent will be required to participate in exercises that test policies, procedures, and skills that are required by the organization and critical operations.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned. Ensures the stability and integrity of in-house Electronic Access Control and Monitoring Systems (EACMS) which may include multiple cyber security technologies and systems used in the monitoring of cyber assets associated with NERC CIP regulations. Ensures the stability and integrity of multiple cyber security technologies and systems used in the monitoring of cyber assets associated with the business networks of the organization. Deploys, maintains, and troubleshoots cyber security systems. Ensures scope of systems are capable of meeting objectives and goals. Develops, analyzes, prioritizes, and organizes data flows, diagrams, and flowcharts with other personnel. Defines and coordinate the execution of testing procedures and develop test cases to serve the overall quality assurance process. Develops and implement maintenance procedures, monitor systems health, gather system statistics, and troubleshoot reported errors and alarms. Implements best practices for scalability, supportability, ease of maintenance, and system performance. Performs design, implementation, and upgrades of information systems to meet the business and user needs. Configures cyber security systems to support day-to-day changes requested by internal personnel. Researches cyber security products, services, protocols, and standards to remain abreast of developments in the information security industry. Adheres to and maintains compliance with the NERC CIP regulations, including participation in audits, conducting security controls testing, engaging in change control, baseline efforts, and conformity with regulatory policies and procedures. Ensures cyber security systems are up to date on rule sets and signatures, including the creation of custom rule sets and signatures. Performs information analyst essential duties and responsibilities when needed:

1. Performs threat hunting to detect and isolate threats and provide remediation recommendations.
2. Responds to anomalous events that will require analysis and will synthesize and correlate complex events to ensure operational security.
3. Triages, responds, and remediates cyber security incidents.
4. Conducts vulnerability testing, analysis, and oversees mitigation efforts for all cyber assets.
5. Conducts incident response and cyber forensic investigations for all cyber assets.
6. Tickets and tracks cyber security related issues.
7. Writes reports and briefings related to specific security issues.

COMPETENCIES: To perform the job successfully, an individual should demonstrate the following competencies:
Analytical: Synthesizes complex or diverse information; collects and researches data; uses experience to complement data; designs work flows and procedures.
Problem Solving: Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in group problem solving situations; uses reason even when dealing with emotional topics.
Professional Knowledge: Generates creative solutions; translates concepts and information into applications; uses feedback to modify recommendations; pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others.
Oral and Written Communication: Speaks clearly and persuasively in positive or negative situations; listens and gets clarification; responds well to questions; demonstrates group presentation skills; participates in meetings; writes clearly and informatively; varies writing style to meet needs; presents numerical data effectively; able to read and interpret written information.
Teamwork: Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; able to build morale and group commitments to goals and objectives; supports everyone's efforts to succeed.
Planning/Organizing: Prioritizes and plans work activities; uses time efficiently; sets goals and objectives; develops realistic action plans.
Adaptability: Adapts to changes in the work environment; manages competing demands; changes approach or method to best fit the situation; able to deal with frequent change, delays or unexpected outcomes.
Professionalism: Approaches others in a tactful manner; reacts well under pressure; treats others with respect and consideration regardless of their status or position; accepts responsibility for own actions; follows through on commitments.
Customer Service: Manages difficult or emotional customer situations; responds promptly to customer needs; solicits customer feedback to improve service; responds to requests for service and assistance; meets commitments to customers.
Cost Consciousness: Works within approved budget; develops and implements cost saving measures; conserves organizational resources.
QUALIFICATIONS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the education, experience, knowledge, skills, abilities, and behaviors required of this position.
Education and Experience:
Security Systems Analyst - Salary Grade 10 ($84,152 - $130,521) - A Bachelor's degree in Computer Science, Information Management, or a related field and two (2) years of directly related experience in systems administration, security system maintenance, information security, digital networking, computing, telecommunications, or SCADA/EMS operations is required. An Associate's degree in Computer Science, Information Management, or a related field and six (6) years of direct work experience may be considered as a substitute for a degree. Industry specific certifications may be substituted for experience at the rate of one (1) year of experience for each certification. Directly related experience may be substituted for education at the rate of two (2) years of experience for one (1) year of education. Administrative knowledge of Linux and Windows Operating Systems, security system management and administration, TCP/IP, routing and switching, and proven experience with firewalls and VPN appliances is preferred.
Senior Security Systems Analyst- Salary Grade 11 ($92,816 - $145,479) - A Bachelor's degree in Computer Science, Information Management, or a related field and five (5) years of directly related experience in systems administration, security system maintenance, information security, digital networking, computing, telecommunications, or SCADA/EMS operations is required. Industry specific certifications may be substituted for experience at the rate of one (1) year of experience for each certification. Directly related experience may be substituted for education at the rate of two (2) years of experience for one (1) year of education. Extensive engineering knowledge of Linux and Windows Operating Systems, security system management and administration, TCP/IP, routing and switching, and proven experience with firewalls and VPN appliances is preferred.
Language Skills: Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, and governmental regulations. Ability to write reports, business correspondence and procedure manuals. Ability to effectively present information and respond to questions from groups of employees, managers, clients, and customers.
Mathematical Skills: Ability to work with mathematical concepts such as probability and statistical inference, fundamentals of plane and solid geometry, trigonometry, calculus, and differential equations. Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Reasoning Ability: Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
Computer Skills: In addition to the qualifications listed above, knowledge and experience using Microsoft Office products is required.
CERTIFICATES, LICENSES, REGISTRATIONS:
Analyst: This job requires a current driver's license. Comptia A , Comptia Network , Comptia Security , and GIAC certifications is desirable.
Senior: Requires a current driver's license. Industry certifications, Comptia A , Comptia Network , Comptia Security , CISSP, GIAC, Engineering level certifications are desirable. Must be able to attain an engineering level certification within twelve (12) months of hire.
WORK SCHEDULE REQUIREMENTS: Normally works a weekday schedule, but may be required to work evenings, holidays, or weekends. May be required to travel on short notice. On-call nights and weekends will be required for response to anomalous issues.
PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit and talk or hear. The employee is frequently required to use hands to finger, handle or feel and reach with hands and arms. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision and color vision.
WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee will be subject to moderate outdoor weather conditions. The noise level in the work environment is usually quiet. In accordance with WFEC Administrative Procedure 805-Alcohol and Drug-Free Workplace this position is classified as "safety sensitive".
MUST MEET ALL PHYSICAL AND ENVIRONMENTAL REQUIREMENTS
WFEC IS AN EQUAL OPPORTUNITY PROVIDER AND EMPLOYER
MINORITIES, FEMALES, DISABILITY, AND
VETS ARE ENCOURAGED TO APPLY
EOE/AA/M/F/DISABILITY/VETS