Georgia System Operations Corporation
Security Engineer (Levels III - V)
Georgia System Operations Corporation, Tucker, Georgia, us, 30085
Overview
Georgia System Operations Corporation is seeking a Security Engineer (Levels III - V). This role is part of GSOC's Security Operations department and focuses on protecting the cyber assets that support GSOC and GTC's digital operations. The position involves cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will have a strong background in power engineering and substation design including protective relaying and control systems, along with experience in cybersecurity and NERC CIP compliance. Responsibilities
Develops and maintains components of GSOC's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes. Identifies, documents, and implements approved improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Collaborates with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develops and implements policies, processes, and procedures to support compliance efforts. Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT to ensure systems, networks, and infrastructure are designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Engineer IV - V: Leads as Lead Engineer or Architect of major enterprise-level projects with significant impact to GSOC operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes. Leads initiatives that identify improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Leads corporate efforts in identifying, studying, and implementing technologies to secure GSOC and GTC's digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies. Leads corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develops and implements policies, processes, and procedures to support compliance efforts. Leads strategic initiatives and projects with other departments to ensure systems, networks, and infrastructure are designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Qualifications
Required Qualifications: Education: Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems/Technology, or a related field. Experience: Engineer III: Minimum of 6 years of experience in cyber security, information assurance, or related positions. Engineer IV - V: Minimum of 10 years of experience in cyber security, information assurance, or related positions. Experience configuring and analyzing local and wide area networks, intranets, extranets, and IP addressing. Experience performing system hardening, patch management, and configuration management. Experience designing, programming, or analyzing computer architectures and operating systems. Experience in Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management (desired). Experience providing 24x7 support for real-time data communications systems and troubleshooting related issues (desired). Experience with virtual environments (VMware ESXi) (desired). Experience with Physical Access Control Systems (PACS), Honeywell, Genetec (desired). Experience with ITIL-based Asset and Change Management systems (desired). Experience with Windows Server/Workstation administration, SQL Server administration, Linux administration (desired). Experience in regulated environments such as NERC CIP or similar (highly desired). Equivalent Experience: Associates degree in related field or a Bachelor's Degree in an unrelated field with 10+ years of security operations experience with significant responsibilities (e.g., Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, Information Management). High school diploma with 12+ years of relevant security operations experience with significant responsibilities. Associates degree or Bachelor’s in unrelated field with 13+ years of relevant experience, or High school diploma with 16+ years of relevant experience. Licenses, Certifications, and/or Registrations: Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus. Specialized Skills: Strong technical skills across multiple OS and appliance platforms, ability to learn quickly, strong customer service, analytical skills, and leadership in process implementation. Capable of documenting resolutions and passing a NERC CIP personnel risk assessment. Travel: Less than 10%. Unusual Hours: Occasional evening and weekend work may be required to support operations and security event response. On-site support for system installs, upgrades, assessments as required by CIP compliance activities. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Utilities Note: This refined description keeps the essential responsibilities, qualifications, and job context without extraneous promotional content or formatting artifacts.
#J-18808-Ljbffr
Georgia System Operations Corporation is seeking a Security Engineer (Levels III - V). This role is part of GSOC's Security Operations department and focuses on protecting the cyber assets that support GSOC and GTC's digital operations. The position involves cyber asset assessments, ensuring accurate identification and documentation of assets subject to NERC CIP requirements, and supporting a secure and reliable Bulk Electric System across Georgia. The engineer will help maintain compliance, assist with mitigation strategies, and support audits and evidence collection. Ideal candidates will have a strong background in power engineering and substation design including protective relaying and control systems, along with experience in cybersecurity and NERC CIP compliance. Responsibilities
Develops and maintains components of GSOC's physical and cyber security programs. Leads major Power Technology projects associated with new standards or significant program development initiatives. Documents process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and approved operational changes. Identifies, documents, and implements approved improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Collaborates with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develops and implements policies, processes, and procedures to support compliance efforts. Contributes to corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with other functional departments including GTC's System Protection & Control, Electronic Maintenance, Relay Maintenance, Procurement, Human Resources, and GSOC's Power Technology, Human Resources and SSIT to ensure systems, networks, and infrastructure are designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Engineer IV - V: Leads as Lead Engineer or Architect of major enterprise-level projects with significant impact to GSOC operations and security. Recommends and approves process changes across departments and works with cross-functional teams to implement new systems, infrastructure, and operational changes. Leads initiatives that identify improvements to existing technical and operational processes. Develops, documents, and implements NERC CIP related policies, processes, and procedures. Leads corporate efforts in identifying, studying, and implementing technologies to secure GSOC and GTC's digital operations infrastructure and enhance security posture. Works with internal and industry peers to explore innovative solutions and evaluate emerging technologies. Leads corporate efforts in identifying, studying, and implementing new technologies to secure GSOC and GTC's digital operations infrastructure and security posture. Collaborates with internal and external compliance and audit teams to ensure adherence to regulatory standards, including NERC CIP requirements. Develops and implements policies, processes, and procedures to support compliance efforts. Leads strategic initiatives and projects with other departments to ensure systems, networks, and infrastructure are designed, built, and maintained in compliance with NERC CIP standards and GSOC's cyber security policies and procedures. Qualifications
Required Qualifications: Education: Bachelor's degree in Electrical Engineering, Computer Engineering, Information Systems/Technology, or a related field. Experience: Engineer III: Minimum of 6 years of experience in cyber security, information assurance, or related positions. Engineer IV - V: Minimum of 10 years of experience in cyber security, information assurance, or related positions. Experience configuring and analyzing local and wide area networks, intranets, extranets, and IP addressing. Experience performing system hardening, patch management, and configuration management. Experience designing, programming, or analyzing computer architectures and operating systems. Experience in Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, and Information Management (desired). Experience providing 24x7 support for real-time data communications systems and troubleshooting related issues (desired). Experience with virtual environments (VMware ESXi) (desired). Experience with Physical Access Control Systems (PACS), Honeywell, Genetec (desired). Experience with ITIL-based Asset and Change Management systems (desired). Experience with Windows Server/Workstation administration, SQL Server administration, Linux administration (desired). Experience in regulated environments such as NERC CIP or similar (highly desired). Equivalent Experience: Associates degree in related field or a Bachelor's Degree in an unrelated field with 10+ years of security operations experience with significant responsibilities (e.g., Security Patch Management, Configuration Management, Firewall Management, Disaster Recovery, Incident Management, Information Management). High school diploma with 12+ years of relevant security operations experience with significant responsibilities. Associates degree or Bachelor’s in unrelated field with 13+ years of relevant experience, or High school diploma with 16+ years of relevant experience. Licenses, Certifications, and/or Registrations: Certifications related to Critical Infrastructure, NERC CIP, Cyber Security or Information Systems are a plus. Specialized Skills: Strong technical skills across multiple OS and appliance platforms, ability to learn quickly, strong customer service, analytical skills, and leadership in process implementation. Capable of documenting resolutions and passing a NERC CIP personnel risk assessment. Travel: Less than 10%. Unusual Hours: Occasional evening and weekend work may be required to support operations and security event response. On-site support for system installs, upgrades, assessments as required by CIP compliance activities. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Utilities Note: This refined description keeps the essential responsibilities, qualifications, and job context without extraneous promotional content or formatting artifacts.
#J-18808-Ljbffr