Posted by: EDF Renewables on Jan 22, 2020
Job Description:
Sr Cybersecurity Engineer
Corporate Office, 15445 Innovation Dr, San Diego, California, United States of America Req #360
Monday, July 8, 2019
EDF Renewables North America, a subsidiary of EDF Renewables, is a leading North American independent power producer boasting over 30 years of experience across a broad spectrum of services. Our mission is to deliver renewable solutions to lead the transition to a sustainable energy future.
Scope of Job:
The Senior Cybersecurity Engineer acts as an expert advisor to the enterprise's business units, as well as to various IT groups. This role will lead in the design and implementation of security controls throughout the organization, and on corporate assets spread across North America.
The Cybersecurity Engineer position requires a very high level of project management ability, and a willingness to keep abreast on new security technologies and strategies. The Cybersecurity Engineer will be passionate about security, and capable of explaining difficult technical concepts to non-technical, or non-security focused groups.
Responsibilities:
• Aggregates, monitors and analyzes logs from deployed security devices.
• Architects, designs, implements, maintains and operates information system security controls and countermeasures.
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets and monitors for compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
• Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
• Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments
• Other duties as assigned
Supervision of Others:
0 - Direct Reports
Qualifications:
Education/Experience -
Typically requires a bachelor's degree in computer science or related field preference with a minimum of 10 years of IT experience; 8+ years delivering information security infrastructure support and related services with
CISSP or SANS Security Certification preferred.
Utility experience is a plus.
Skills/Knowledge/Abilities -
• Requires in-depth expertise in the analysis, design, installation, configuration and implementation of:
• Server operating systems such as Windows, Linux, Unix
• Network technologies such as Cisco firewalls, routers, switches
• Shell scripting such as bash, Perl, python, PowerShell or equivalent
• Technology automation to streamline operations and ensure consistent outcomes
• Experience deploying and operating vulnerability scanning tools, intrusion detection systems, and network equipment audit tools.
• In-depth knowledge and understanding of Security information and event management (SIEM) for advanced threat correlation and analysis.
• Knowledge of encryption tools and concepts including: PGP, PKI, and digital certificates.
• Knowledge of common information security management frameworks.
• Knowledgeable in the secure design and implementation of solutions supporting DNS, DHCP and AD management.
• Demonstrated experience in evaluating, recommending, and implementing commercial hardware and software security products to augment and enhance the Company's enterprise security program
• Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines. Experience defining requirements and developing project plans.
• Knowledge of industry leading endpoint protection platforms.
Working Conditions:
Approximately 95% of time is spent in the office environment, utilizing computers (frequent use of various Microsoft software/programs), phones, and general office equipment. Approximately 5% of time is spent outside of the office visiting vendors' and/or internal customers' sites in additional to attending various conferences and meetings.
Fiscal Responsibilities:
N/A
Reasonable Accommodations:
Reasonable accommodations may be provided by EDF Renewables to enable individuals with disabilities to perform essential functions, as defined per Company policy.
We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
HR. Website URL:
https://usr57.dayforcehcm.com/CandidatePortal/en-US/edfre