Information Systems Security Engineer 3 jobs in United States
This job has closed.

First Tek, Inc. · 1 day ago

Information Systems Security Engineer 3

First Tek, Inc. is seeking an Information Systems Security Engineer 3 to provide technical expertise on security architecture and management for control center and field infrastructure systems. The role involves advising on security strategies, leading projects, and ensuring compliance with regulatory standards.

Information Technology · Staffing Agency
H1B Sponsor Likely

Responsibilities

Provide technical expertise on security architecture and management for control center and field infrastructure systems and related matters
Apply a broad knowledge of power system operations and associated control center and field systems, including knowledge of security and regulatory compliance (i.e. FISMA and NERC CIP) as it pertains to computer networks, user interfaces, system software, data acquisition, telecommunications, substation field equipment, and related computer hardware areas
Provide Information System Security Officer support and technical expertise for the BPA control center and field General Support Systems and programs by providing expert technical advice, guidance, and recommendations to management and other technical and security specialists on critical operational issues relating to control center control and field infrastructure and data systems, including the upgrade and enhancement of all systems in the two critical BPA control centers and field locations
Recommend security strategies in the development of system, software and hardware architectures, technical plans and specifications, system designs, software designs, integration plans, test plans, and project plans
Advise other OT experts and security practitioners throughout the control centers and field on a variety of situations and issues that involve applying or adapting new security technology theories, concepts, applications, standards, and/or practices
As the control center and field infrastructure security architect and expert, serve as the project security/compliance lead, on assigned projects, for an interdisciplinary project team of electrical engineering and operational technology staff assigned to execute on the most complex control center and field system projects
Verify that the project plans conform to applicable organizational, agency and external security and compliance standards, policies and guidelines
Provide technical expertise and assistance with the recommendation, development and implementation of BPA management-approved operational cyber security and compliance strategies, processes, guidelines, and projects to safeguard critical cyber assets
Provide technical input, recommendations and assistance with the implementation of both higher and granular-level cyber security approaches, methods and solutions that incorporate and maintain compliance to requirements resulting from laws, regulations, or Presidential directives
Develop / draft, recommend and execute BPA management-approved testing plans, report results and recommendations
Provide security engineering expertise and recommendations
In collaboration with the BPA manager and per established procedures, develop a cyber-security architecture for the BPA control centers to include accurate, comprehensive applicable documentation
Perform detailed and comprehensive security event analysis
Provide guidance and input into technical reviews of proposed projects, and BPA's system security authorization processes
Provide technical input and support to the Continuous Assessment and Monitoring Program
Draft and recommend detailed project plans, timelines, milestones and objectives for upgrades, patches and other changes and/or for monitoring security measures for the protection of OT computer networks and information
Perform risk assessments and execute tests of data processing systems to validate functioning of data processing activities and security measures
Validate appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
Under the direction and leadership of BPA Management, coordinate, facilitate and assist with general support systems and major applications' security and compliance projects and program changes and initiatives that are designed to anticipate, assess, and minimize system vulnerabilities and weaknesses, and that integrate across disciplines, platforms and internal organizations (people, processes, systems)
Recommend the scope and level of detail for system security plans and collaborate and assist with draft policies, processes and procedures that are applicable to and promote Transmission Systems Operations security program
Develop / draft long-range plans and strategies for OT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with OT systems vulnerabilities
Keep abreast of current and new security technologies and threats
Identify the need or potential opportunity for changes based on new security technologies and threats, present recommendations and supportive data for consideration
Research and review proposed new systems, networks, and software designs for potential security risks and impacts; recommend mitigation, countermeasures or other options
Identify integration issues related to the implementation of new systems within the existing infrastructure; recommend mitigation and/or resolution options
Provide subject matter expertise, technical guidance and assistance to other Security Control Assessors, and Cyber Security personnel co-workers on a variety of ad hoc and standing projects requiring data / system process analysis
Provide technical expertise, guidance and assistance to organizational co-workers with less experience, including cross-training as requested

Qualification

CISSP, CISA, CISM, NERC CIP, NIST 800 series, FISMA controls, Security control evaluation, Risk Management Framework, Security architecture, Cyber security strategies, Operational technology, Technical documentation

Required

Bachelor of science in computer science, information technology or a directly related technical discipline is highly preferred
10 years of experience is required with an applicable bachelor's degree
12 years of experience is required with an applicable associate's degree
14 years of experience is required without a degree or an applicable
Experience must include the following: Hands-on technical implementation of networks and systems
Experience evaluating various technical, operational, and management solutions to security problems, using written language and various media to present alternatives and recommendations
Proven ability to develop documentation sufficient to arrive at logical and comprehensive conclusions and recommendations. The documentation must be of a sufficient professional level to stand as an artifact for reuse as part of the security architecture
Experience evaluating the adequacy and existence of OT security controls as they conform to security architectures
Experience having properly documented evidence of security architecting, design, and cyber-security activities sufficient for a third-party reviewer to arrive at the conclusion the Security Control Assessor has reached in the work
3+ years previous experience effectively performing security control implementation on networks, servers and systems and/or vulnerability assessments
One or more of the following networking or security certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
5+ years of experience performing security control evaluation and testing
8+ years of experience with North American Electric Reliability Corporation, Critical Infrastructure Protection (NERC CIP) regulatory standards and requirements
10+ years of experience with the Risk Management Framework and the 800 series of National Institute of Standards & Technology (NIST) Special Publications (in particular 800-37, 800-39, 800-53, 800-53A, 800-82 and 800-115)

Preferred

Expert knowledge of FISMA controls
Expert knowledge of NERC-CIP standards
Understanding of and experience in Federal electrical utility operations and how they interplay with FISMA/NERC-CIP standards and compliance

Company

First Tek, Inc.

To succeed in the complex world of technology, you need exceptional connections – to the right experts, the right opportunities and the right answers.

H1B Sponsorship

First Tek, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (42)
2024 (58)
2023 (60)
2022 (82)
2021 (165)
2020 (312)

Funding

Current Stage
Late Stage

Leadership Team

Kumar Bhavanasi
Founder, President and CEO
Company data provided by crunchbase