City of Tacoma
Are you passionate about safeguarding critical infrastructure and operational systems from cyber threats? Are you looking to join a mission‑driven team that values collaboration, technical excellence, and public service? If so, Tacoma Power invites you to explore this exciting opportunity!
We are seeking a highly skilled
Senior Vulnerability Management Engineer
to join our Cybersecurity Operations team within the Utility Technology Services (UTS) section. This position is classified as Information Technology Security Analyst, Senior. You will lead the design, implementation, and continuous improvement of the TPU’s Vulnerability Management Program and support the protection of enterprise IT and OT systems, including critical infrastructure, operational systems, and sensitive data.
Job Responsibilities
Lead TPU’s Vulnerability Management (VM) Program : Design and refine program and process areas, revise annually or as needed, and ensure vulnerability‑related risk is visible, prioritized, and effectively managed.
Operate and maintain VM tools : Conduct vulnerability scans across IT and OT systems, analyze results, maintain scanning tools, create tickets for system owners, and consult on remediation strategies.
Cybersecurity incident response : Support analysts and stakeholders in investigating alerts and contributing to active incident response using SIEM, EDR, and threat intelligence platforms.
Procedure Development & Process Improvement : Drive program maturity by updating plans, procedures, and best practices based on data, industry best practices, and the strategic roadmap.
Mentor and guide team members : Provide informal coaching, peer reviews, and feedback to build team capability.
Develop and maintain internal documentation : Produce and update VM plans, technical processes, and best‑practice guides.
Collaborate with stakeholders : Communicate with internal teams during investigations to gather context, validate findings, and coordinate remediation.
Support Regulatory Compliance (NERC‑CIP) : Maintain CIP responsibilities and support audit readiness and evidence gathering.
Minimum Education* Bachelor’s degree in information technology, cybersecurity, or a directly related field. Equivalent experience may be considered (1 year of experience = 1 year of education).
Minimum Experience* At least 4 years of progressively responsible information technology experience related to vulnerability management, security operations, or enterprise security.
Licensing, Certifications and Other Requirements Security+ or related certification (e.g., GIAC GCIA, GIAC GCIH, CISSP). Washington State driver’s license. Ability to pass background checks and update certifications as required.
Key Skills and Experience
Expertise with Vulnerability Management platforms (Rapid7, Qualys, Nessus).
Experience with SIEM platforms (LogRhythm, Splunk).
Proficiency with EDR and application control platforms (Carbion Black, CrowdStrike).
Strong understanding of MITRE ATT&CK, threat modeling, and TTP analysis.
Familiarity with scripting and automation (Python, PowerShell).
Excellent communication, collaboration, and customer‑service skills.
Incident response leadership in enterprise environments.
Experience with NERC‑CIP and other regulatory cybersecurity standards.
Compensation & Benefits Annual salary range:
$118,560.00 - $166,920.00 . Employee benefits include health, dental, vision, retirement, and other standard benefits offered by Tacoma Power.
Application Process To apply, submit your application, resume, and cover letter online by the closing date listed in the job announcement. Applicants without the required documents may not progress. Successful candidates may be invited to a work‑problem interview and must pass a background check.
For technical assistance with the application, please contact the Human Resources office at (253) 591‑5400 by 4:00 p.m. on the closing date.
For general inquiries, you may reach out to the recruitment manager, Kye Merritt, on LinkedIn (link removed).
#J-18808-Ljbffr
We are seeking a highly skilled
Senior Vulnerability Management Engineer
to join our Cybersecurity Operations team within the Utility Technology Services (UTS) section. This position is classified as Information Technology Security Analyst, Senior. You will lead the design, implementation, and continuous improvement of the TPU’s Vulnerability Management Program and support the protection of enterprise IT and OT systems, including critical infrastructure, operational systems, and sensitive data.
Job Responsibilities
Lead TPU’s Vulnerability Management (VM) Program : Design and refine program and process areas, revise annually or as needed, and ensure vulnerability‑related risk is visible, prioritized, and effectively managed.
Operate and maintain VM tools : Conduct vulnerability scans across IT and OT systems, analyze results, maintain scanning tools, create tickets for system owners, and consult on remediation strategies.
Cybersecurity incident response : Support analysts and stakeholders in investigating alerts and contributing to active incident response using SIEM, EDR, and threat intelligence platforms.
Procedure Development & Process Improvement : Drive program maturity by updating plans, procedures, and best practices based on data, industry best practices, and the strategic roadmap.
Mentor and guide team members : Provide informal coaching, peer reviews, and feedback to build team capability.
Develop and maintain internal documentation : Produce and update VM plans, technical processes, and best‑practice guides.
Collaborate with stakeholders : Communicate with internal teams during investigations to gather context, validate findings, and coordinate remediation.
Support Regulatory Compliance (NERC‑CIP) : Maintain CIP responsibilities and support audit readiness and evidence gathering.
Minimum Education* Bachelor’s degree in information technology, cybersecurity, or a directly related field. Equivalent experience may be considered (1 year of experience = 1 year of education).
Minimum Experience* At least 4 years of progressively responsible information technology experience related to vulnerability management, security operations, or enterprise security.
Licensing, Certifications and Other Requirements Security+ or related certification (e.g., GIAC GCIA, GIAC GCIH, CISSP). Washington State driver’s license. Ability to pass background checks and update certifications as required.
Key Skills and Experience
Expertise with Vulnerability Management platforms (Rapid7, Qualys, Nessus).
Experience with SIEM platforms (LogRhythm, Splunk).
Proficiency with EDR and application control platforms (Carbion Black, CrowdStrike).
Strong understanding of MITRE ATT&CK, threat modeling, and TTP analysis.
Familiarity with scripting and automation (Python, PowerShell).
Excellent communication, collaboration, and customer‑service skills.
Incident response leadership in enterprise environments.
Experience with NERC‑CIP and other regulatory cybersecurity standards.
Compensation & Benefits Annual salary range:
$118,560.00 - $166,920.00 . Employee benefits include health, dental, vision, retirement, and other standard benefits offered by Tacoma Power.
Application Process To apply, submit your application, resume, and cover letter online by the closing date listed in the job announcement. Applicants without the required documents may not progress. Successful candidates may be invited to a work‑problem interview and must pass a background check.
For technical assistance with the application, please contact the Human Resources office at (253) 591‑5400 by 4:00 p.m. on the closing date.
For general inquiries, you may reach out to the recruitment manager, Kye Merritt, on LinkedIn (link removed).
#J-18808-Ljbffr