Sr Cyber Security Engineer - NERC CIP (Remote)
Constellation
Remote
cyber security
security
security engineer
engineer
nerc
cip
remote
security
nerc
cip
technical
management
carbon
March 23, 2023
Constellation
Penbrook, PA
FULL_TIME
$107100-119000/YEAR
Description
As the nation's largest producer of clean, carbon-free energy, Constellation is a company purpose-built to meet the challenges of the climate crisis. Constellation has been the leader in clean energy production for more than a decade. Now, we're accelerating, speeding our low-carbon or no-carbon power to more people in more places, day and night, providing our customers and communities with options to buy, manage and use energy as part of their decarbonization mission. The race is on to confront the climate crisis and Constellation is ready to meet the challenge.
Constellation has been the leader in carbon-free energy production for more than a decade, and generates 50% more clean, carbon-free electricity than any other company in America. We're generating power 24/7 with the nation's largest emission-free nuclear energy fleet, providing enough clean energy to power 15 million homes. Constellation offers customers a range of clean, zero-carbon energy solutions to help reduce their carbon footprint and achieve their sustainability goals.
We are committed to advancing diversity, equity and inclusion and believe in attracting, retaining and advancing employees who will best serve and represent our customers, partners and communities. We provide a workplace that ensures mutual respect, where each individual has the opportunity to grow and contribute at their greatest potential. Constellation will provide you the tools and resources you need to design, build and power a successful career.
Constellation offers a wide range of benefits, designed to help our employees thrive professionally and personally. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays and sick days; and much more.
Expected salary range of $107,100 - $119,000 per year, varies based on experience, along with comprehensive benefits package that includes bonus and 401k.
PRIMARY PURPOSE OF POSITION
The Sr.Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT teams to effectively communicate and assist in architecting and implementing effective security solutions to achieve NERC CIP compliance. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans.
PRIMARY DUTIES AND ACCOUNTABILITIES
- Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: (25%)
- Provide technical guidance regarding NERC CIP Standard and Requirement changes and implementations as well as other stakeholder and experts.
- Work with stakeholders to resolve issues around NERC CIP compliance.
- Provide input to implementation plans and standard operating procedures as they relate to information systems security.
- Develop specific risk mitigation strategies for systems and/or applications related to NERC CIP.
- Work closely with technical teams to implement effective security configurations/requirements, including: (25%)
- Verify security measures are implemented to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed meeting NERC CIP requirements.
- Verify and update documentation reflecting the application/system security design features related to NERC CIP for implementation team.
- Verify security requirements are in place for all applications related to NERC CIP.
- Work closely with all teams to ensure secure transition of new requirements into production. (25%)
- Assist with mitigation, incident remediation, and associated change management activities. (25%)
JOB SCOPE
The Sr. Cyber Security Engineer (CSE) will work closely (and primarily) with IT, Physical Security and Power IT to implement effective NERC CIP standards and requirements; provide analytical and technical recommendations where needed. Work with all parties for new standards or requirements for remediation and implementation efforts. Meet the business clients (IT/OT) and management to help specify and negotiate application security requirements; work closely with application teams to ensure secure transition of applications into production. Provide guidance around architecting and implementing effective NERC CIP solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution. Ability to mitigate vulnerabilities, remediate incidents, and affect change requests in support NERC CIP remediation efforts.
Qualifications
MINIMUM QUALIFICATIONS
- Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 to 8 years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience.
- At least 5 years of demonstrable security engineering or related experience, including:
- Knowledge of NERC CIP technical requirements
- Knowledge of networking designs and topologies
- Knowledge of encryption and cryptology
- Knowledge of embedded systems (front and back end)
- Knowledge of how system components are installed, integrated, and optimized
- Knowledge of human-computer interaction principles
- Knowledge of cybersecurity principles and organizational requirements
- Knowledge of operating systems
- Knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption
- Skill in evaluating the adequacy of security designs
- Knowledge of the systems engineering process
- Knowledge of network access, identity, and access management
- Comprehensive understanding of change management techniques associated with new and redeploy technology implementation.
- Demonstrated leadership ability.
- Proven analytical, problem solving, and consulting skills.
- Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
PREFERRED QUALIFICATIONS
- Graduate degree in cyber security or related area of expertise.
- Relevant security certifications (CISA, CISSP, GIAC, MCSE, RHCE, CCNP, CCSP)
- Deep technical NERC CIP experience.
- Strong understanding of enterprise, network, system, and application-level security engineering principles
- Demonstrable, hands-on expertise in the following technical disciplines:
- Operating Systems (Microsoft, Linux, UNIX)
- Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom and Palo Alto)
- Mobility (IOS, Android, MDM, BYOD)
- Cryptography (PKI, lifecycle management, symmetric)
- Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls)
- Virtualization (VMware, HyperV)
- Remote Access Methods (VPN, Citrix, MFA)
- ICS / SCADA System Security (design, controls)
Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
VEVRAA Federal Contractor
REQNUMBER: 246037-OTHLOC-95810020116
Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
As the nation's largest producer of clean, carbon-free energy, Constellation is a company purpose-built to meet the challenges of the climate crisis. Constellation has been the leader in clean energy production for more than a decade. Now, we're accelerating, speeding our low-carbon or no-carbon power to more people in more places, day and night, providing our customers and communities with options to buy, manage and use energy as part of their decarbonization mission. The race is on to confront the climate crisis and Constellation is ready to meet the challenge.
Constellation has been the leader in carbon-free energy production for more than a decade, and generates 50% more clean, carbon-free electricity than any other company in America. We're generating power 24/7 with the nation's largest emission-free nuclear energy fleet, providing enough clean energy to power 15 million homes. Constellation offers customers a range of clean, zero-carbon energy solutions to help reduce their carbon footprint and achieve their sustainability goals.
We are committed to advancing diversity, equity and inclusion and believe in attracting, retaining and advancing employees who will best serve and represent our customers, partners and communities. We provide a workplace that ensures mutual respect, where each individual has the opportunity to grow and contribute at their greatest potential. Constellation will provide you the tools and resources you need to design, build and power a successful career.
Constellation offers a wide range of benefits, designed to help our employees thrive professionally and personally. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays and sick days; and much more.
Expected salary range of $107,100 - $119,000 per year, varies based on experience, along with comprehensive benefits package that includes bonus and 401k.
PRIMARY PURPOSE OF POSITION
The Sr.Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT teams to effectively communicate and assist in architecting and implementing effective security solutions to achieve NERC CIP compliance. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans.
PRIMARY DUTIES AND ACCOUNTABILITIES
- Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: (25%)
- Provide technical guidance regarding NERC CIP Standard and Requirement changes and implementations as well as other stakeholder and experts.
- Work with stakeholders to resolve issues around NERC CIP compliance.
- Provide input to implementation plans and standard operating procedures as they relate to information systems security.
- Develop specific risk mitigation strategies for systems and/or applications related to NERC CIP.
- Work closely with technical teams to implement effective security configurations/requirements, including: (25%)
- Verify security measures are implemented to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed meeting NERC CIP requirements.
- Verify and update documentation reflecting the application/system security design features related to NERC CIP for implementation team.
- Verify security requirements are in place for all applications related to NERC CIP.
- Work closely with all teams to ensure secure transition of new requirements into production. (25%)
- Assist with mitigation, incident remediation, and associated change management activities. (25%)
JOB SCOPE
The Sr. Cyber Security Engineer (CSE) will work closely (and primarily) with IT, Physical Security and Power IT to implement effective NERC CIP standards and requirements; provide analytical and technical recommendations where needed. Work with all parties for new standards or requirements for remediation and implementation efforts. Meet the business clients (IT/OT) and management to help specify and negotiate application security requirements; work closely with application teams to ensure secure transition of applications into production. Provide guidance around architecting and implementing effective NERC CIP solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution. Ability to mitigate vulnerabilities, remediate incidents, and affect change requests in support NERC CIP remediation efforts.
Qualifications
MINIMUM QUALIFICATIONS
- Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 to 8 years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience.
- At least 5 years of demonstrable security engineering or related experience, including:
- Knowledge of NERC CIP technical requirements
- Knowledge of networking designs and topologies
- Knowledge of encryption and cryptology
- Knowledge of embedded systems (front and back end)
- Knowledge of how system components are installed, integrated, and optimized
- Knowledge of human-computer interaction principles
- Knowledge of cybersecurity principles and organizational requirements
- Knowledge of operating systems
- Knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption
- Skill in evaluating the adequacy of security designs
- Knowledge of the systems engineering process
- Knowledge of network access, identity, and access management
- Comprehensive understanding of change management techniques associated with new and redeploy technology implementation.
- Demonstrated leadership ability.
- Proven analytical, problem solving, and consulting skills.
- Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
PREFERRED QUALIFICATIONS
- Graduate degree in cyber security or related area of expertise.
- Relevant security certifications (CISA, CISSP, GIAC, MCSE, RHCE, CCNP, CCSP)
- Deep technical NERC CIP experience.
- Strong understanding of enterprise, network, system, and application-level security engineering principles
- Demonstrable, hands-on expertise in the following technical disciplines:
- Operating Systems (Microsoft, Linux, UNIX)
- Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom and Palo Alto)
- Mobility (IOS, Android, MDM, BYOD)
- Cryptography (PKI, lifecycle management, symmetric)
- Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls)
- Virtualization (VMware, HyperV)
- Remote Access Methods (VPN, Citrix, MFA)
- ICS / SCADA System Security (design, controls)
Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
VEVRAA Federal Contractor
REQNUMBER: 246037-OTHLOC-95810020116
Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
Report this job