Responsible for the digital security of the information technology infrastructure for Garland Power & Light by evaluating, planning and implementing the security systems that protect GP&L’s IT infrastructure. The role will supply and apply information security tactics to the corporate, SCADA, and EMS systems to comply with federal, state, and company regulatory policies and procedures. Also responsible for monitoring and securing the systems and networks.
Essential Job Functions
Regulatory and reliability agencies that are considered referenced include: Federal Energy Regulatory Commission (FERC), Public Utility Commission of Texas (PUCT), North American Electric Reliability Corporation (NERC), Texas Reliability Entity (TRE), Electric Reliability Council of Texas (ERCOT), etc.
1. Ensure systems and networks comply with NERC CIP, state and local regulatory standards and internal policies. Assess business risks and evaluate the effectiveness of controls at the network, operating system, database, and application level.
2. Participate in regulatory audits, spot-checks, and self-certifications including mock audits.
3. Evaluate tests, recommend, develop, coordinate, monitor, and maintain information security policies, procedures and systems, including hardware, firmware and software.
4. Conduct vulnerability assessment and review, investigate and document results.
5. Assist Information Security (IS) architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security.
6. Identify security risks and exposures, determine the causes of security violations and suggest procedures to halt future incidents. Investigate and resolve security incidents and recommends enhancements to improve security.
7. Continuously monitor, analyze and identify security alerts information from all approved security devices, collection techniques and designated system logs.
8. Assist with the review, evaluation and root cause identification of deficiencies, and participate in mitigation plans with corrective actions.
9. May prepare written reports, communication or correspondence on behalf of the department. May make presentations on assignment status and progress.
10. May attend various events and functions.
Minimum Education & Work Experience
Bachelor’s degree in computer science; cyber security; or related information technology discipline
3+ years in information security
Or an equivalent combination of education and experience (in electric utility) sufficient to successfully perform the essential functions of the job.
Preferred Knowledge – Abilities & Skills
2-5 years’ experience in broad based information technology including network, system administration, programming and security
3 years experience in data security, contingency planning or related area
Knowledge, Skills & Abilities:
General knowledge of the principles and practices of business organizations
Basic knowledge of NERC CIP
Ability to perform security data mining and data trending.
Comprehensive knowledge of data security procedures
Comprehensive skill in systems programming language(s) as they relate to security requirements
Proficient skill in Microsoft Office (Word, Excel, Powerpoint)
Ability to take on challenges and learn at a quick pace
Licenses & Certifications
Valid Class C Texas driver’s license
Hold one or more of the following certifications:
Comptia Security +
Or any other industry security certification
Physical Tasks & Working Conditions
The incumbent works in a typical office environment; relatively free from any environmental hazards or conditions. May be exposed to some unpleasant environmental conditions.