Security Operations Engineer (Levels III - V)

Georgia System Operations is a progressive organization offering opportunities for engineers, technicians, project managers, and more. We've been honored with Best Place to Work in Georgia.

Our people-over-profit culture and competitive compensation and benefits packages prove we're dedicated to retaining the best candidates.

We offer comprehensive medical, dental, and vision coverage, a strong retirement program, career development, and flexible work schedules. We're focused on wellness and being a supportive member of the community.

Security Operations Engineer (Levels III - V)

Department : Security Operations Full Time $96600 - $168800 per year Tucker, Georgia, United States

Description

This Engineer role, part of GSOC's Security Operations department, is responsible for protecting the cyber assets that support GSOC and GTC's digital operations. The position focuses on conducting cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The Engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will bring a strong background in power engineering and substation design including protective relaying and control systems along with experience in cybersecurity and NERC CIP compliance.

Performs duties related to ensuring that the systems and networks used for operations are managed securely and in compliance with NERC Critical Infrastructure Protection (CIP) standards. Supports and implements GSOC's physical and cyber security programs including projects related to the security of the digital operations infrastructure and NERC CIP Compliance. Identifies, designs, and implements innovative solutions and uses of security technologies that enable smooth business and operations activities. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives.

Job Duties :

• Develops and maintains components of GSOC's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes.
• Identifies, documents, and implements approved improvements to existing technical and operational processes.
• Develops, documents, and implements NERC CIP related policies, processes, and procedures.
• Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts.
• Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture.
• Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading efforts to ensure that the systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures.
• Develops and maintains components of GSOC's physical and cyber security programs. Serves as Lead Engineer or Architect of major Power Technology enterprise-level projects associated with initiatives with significant impact to GSOC operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes.
• Leads initiatives that identify improvements to existing technical and operational processes.
• Develops, documents, and implements NERC CIP related policies, processes, and procedures.
• Leads corporate efforts in identifying, studying, and implementing technologies to secure GSOC and GTC's digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies.
• Collaborate with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develop and implement policies, processes, and procedures to support compliance efforts.
• Leads corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture.
• Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT leading strategic initiatives and projects that ensure systems, networks, and infrastructure are being designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures.

Required Qualifications :

Education : Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems / Technology, or a related field.

Experience :

Experience configuring, and analyzing local and wide area networks, intranets, extranets, and IP addressing

Equivalent Experience :

High school diploma with 12+ years of experience with significant responsibilities related to security operations, such as Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management.

Licenses, Certifications, and / or Registrations : Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus.

Specialized Skills : Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.

Travel : Less than 10%.

Unusual Hours : Occasional evening and weekend work may be required, to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed. On-site support for system installs, upgrades, assessments as required by CIP compliance activities.

J-18808-Ljbffr