This posting will remain open until the position is filled. We encourage you to apply early as we will review and consider candidates as they are received.
This is a professional/technical position responsible for designing, implementing, documenting, monitoring and continuous improvement of security and compliance controls for the protection of Supervisory Control and Data Acquisition/Energy Management System (SCADA/EMS) and other Critical Infrastructure systems in compliance with applicable NERC Critical Infrastructure Protection (CIP) standards.
Assists in the design and implementation of technical and procedural security controls to prevent, detect, and remediate threats to the SCADA/EMS and other Critical Infrastructure systems.
Maintains baselines of approved security configurations for the SCADA/EMS and coordinates with Subject Matter Experts (SMEs) to ensure all changes affecting the baseline configuration are made under the Change Control process to maintain accurate baselines and effective security controls.
Jointly responsible, along with the Programmer Analyst, for maintenance, patching, malware signature updates, and upgrades of critical infrastructure network equipment, computers, and transient laptops. Creates change control tickets, performs security tests on the changes prior to implementation, and generates related evidence.
Develops and maintains accurate documentation of personnel with physical and/or cyber access to SCADA/EMS assets along with their specific permissions. Provisions access and performs periodic reviews to ensure access permissions are configured as approved.
Assists and advises system owners for SCADA/EMS and other Critical Infrastructure systems regarding the design and review of the security architecture for new hardware and software.
Implements and maintains software solutions to automate and manage security of the SCADA/EMS, including integrity management, intrusion detection, and log collection and analysis.
Monitors SCADA/EMS for potential security threats or vulnerabilities; coordinates with team members and EMS staff to provide appropriate response and recovery to the system.
Maintains SCADA/EMS and other Critical Infrastructure firewalls and ensures the integrity of the electronic security perimeter.
Performs vulnerability assessments and remediates issues based on risk.
Reviews plans and procedures and recommends changes; may be assigned to author new documents or modifications to existing ones.
Maintains awareness of individual, department, and corporate goals as well as the needs of system users; identifies projects that will aid in achieving these goals and meeting user needs.
Works on multiple projects and communicates activity status to stakeholders and management.
Maintains understanding of current and planned NERC CIP and related standards and their impact to EKPC. May be designated as a liaison with Southeastern Reliability Corporation (SERC) in certain CIP-related matters.
Actively participates in NERC CIP Compliance audits, including interviews and collecting responses to data requests.
Remains current on industry and technology changes and emerging trends.
Works on special projects and performs other duties as required or assigned.
Bachelor's degree in Computer Science or a related area required.
GSEC or CISSP certifications preferred.
Five (5) years of related experience preferred.
Skills and Abilities:
Knowledge of Tripwire Enterprise and Log Center software products.
Knowledge in the maintenance of firewalls and network intrusion detection.
Ability to use security scanning tools, such as Nessus, and interpret the results.
Ability to work on and/or manage multiple projects and prepare status updates.
Competent to review, understand, and act on logs generated by computer and network systems.
Basic knowledge of the SCADA/EMS Architecture.
Knowledge of PC/LAN hardware and operating systems.
Ability to read and interpret software design specifications and user manuals.
Ability to work with other departmental staff and supervisors in carrying out plans, contracts, etc.
Ability to think logically and creatively and to understand instructions on specific objectives, complex features, and possible solutions.
Technical/Professional Knowledge & Skills
Contributing to Team Success
Conditions of Employment
This is primarily an inside position with usual office conditions. Regular lifting up to 20 (twenty) lbs. with occasional lifting up to 50 (fifty) lbs. required.
Occasional travel in and outside the system; travel may be overnight.
Must maintain valid driver’s license.
Must wear personal protective equipment as appropriate.
Located in the heart of the Bluegrass state, East Kentucky Power Cooperative is a not-for-profit generation and transmission (G&T) electric utility with headquarters in Winchester, KY which is just a short distance from Lexington. Our cooperative has a vital mission: to safely generate and deliver reliable, affordable and sustainable energy to our 16 owner-member cooperatives serving more than 1 million Kentuckians across 87 counties. We’re leaders in environmental stewardship and we’re committed to provide power to improve the lives of people in Kentucky.
As passionate as we are about providing smart energy solutions, we are equally excited about people. We strive to cultivate connected workplaces where great ideas are born and rewarding careers are built.
EKPC offers a wage and benefits package that ranks among the best in the state. There is no waiting period on our medical, dental and vision insurance plans so you are covered on day one, and the dental plan is free for employees. Our generous 401(k) retirement plan allows employees to start contributing to their plan after a month of service, and after 3 months of service, EKPC will automatically contribute 6% of b...ase wages AND match employee contributions up to 4%. Our competitive vacation and sick leave package starts day one to allow for flexibly and a healthy work-life balance. For more information on our plentiful benefits package visit our website at https://www.ekpc.coop/work-ekpc
EKPC is an Equal Employment Opportunity Employer: Women/Minorities/Veterans/Disabled