Information System Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

CorSource · 17 hours ago

Information System Security Engineer

positionVancouver, WA
timeContract
remoteOnsite
senioritySenior Level, Lead/Staff
date10+ years exp

CorSource is seeking an Information System Security Engineer to assist management in implementing and maintaining critical systems for secure grid operations. The role involves providing expert security advice, developing compliance strategies, and addressing complex security challenges within control center infrastructure systems.

Cloud ComputingCyber SecurityData ManagementInformation Services

Responsibilities

Assist management in implementing, managing, operating, and maintaining mission critical systems that support the reliable and secure operations of grid operations as well as critical business applications
Serve as a programmatic expert for the recommendation, development and implementation of operational cyber security and compliance strategies, standards, processes, guidelines, and projects to safeguard critical cyber assets
Recommend and influence security and regulatory compliance for the most strategic and complex control center infrastructure systems
Provide expert technical security advice, guidance, and recommendations to management and other technical specialists on critical control center infrastructure projects and management issues
Isolate and identify unprecedented issues and unknown conditions; develop, test, and advise on new technologies, methods, approaches, and guides; provide expertise and recommendations on project planning and policy-making functions
Serve as technical expert to agency management officials, including DOE, for security advice on integrating control center security programs with other key mission-critical Transmission Services’ programs
Review, analyze, and design solutions and implement management approved automated technical capabilities to verify that information security processes are practiced by control center information security practitioners, project managers, and system owners
Apply new applications or developments to resolve unique or novel problems, conditions, or issues; significantly alter standard existing security practices, equipment, devices, processes, and known techniques; provide significant and innovative recommendations for advancing good security practices

Qualification

CISSPCISACISMNERC CIPNIST 800 seriesOT security controlsSecurity control evaluationNetwork implementationTechnical adviceDocumentation skillsProblem-solvingCommunication skills

Required

Bachelor of science in computer science, information technology or a directly related technical discipline is highly preferred
10 years of experience is required with an applicable bachelor's degree
12 years of experience is required with an applicable associate's degree
14 years of experience is required without a degree or an applicable
Experience must include the following: Hands-on technical implementation of networks and systems
Experience evaluating various technical, operational, and management solutions to security problems, using written language and various media to present alternatives and recommendations
Proven ability to develop documentation sufficient to arrive at logical and comprehensive conclusions and recommendations. The documentation must be of a sufficient professional level to stand as an artifact for reuse as part of the security architecture
Experience evaluating the adequacy and existence of OT security controls as it conforms to security architectures
Experience having properly documented evidence of security architecting, design, and cyber-security activities sufficient for a third-party reviewer to arrive at the conclusion the Security control Assessor has reached in the work
3+ years previous experience effectively performing security control implementation on networks, servers and systems and/or vulnerability assessments
One or more of the following networking or security certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
5+ years of experience performing security control evaluation and testing
8+ years of experience with North American Electric Reliability Corporation, Critical Infrastructure Protection (NERC CIP) regulatory standards and requirements
10+ years of experience with the Risk Management Framework and the 800 series of National Institute of Standards & Technology (NIST) Special Publications (in particular 800-37, 800-39, 800-53, 800-53A, 800-82 and 800-115)

Preferred

Expert knowledge of FISMA controls
Expert knowledge of NERC-CIP standards
Understanding and experience in Federal electrical utility operations and how it interplays with FISMA/NERC-CIP standards and compliance

Company

CorSource

twittertwittertwitter
company-logo
CorSource provides cloud migration, application modernization, cybersecurity, data management, and analytics services.
dateFounded in 1994
location
Portland, Oregon, USA
people-size51-200 employees
web-link
https://www.corsource.com/

Funding

Current Stage
Growth Stage
Company data provided by crunchbase