Sr System Cyber Analyst - NERC CIP Cyber Security

Job Info

112522

Posting Expiration Date: May 31, 2024

Schedule Type: Full-Time

Minimum Salary: $100000

Maximum Salary: $135000

Organization: Substation Operations

Department: Protective Systems Testing

Section: SUBST OPS PST Cyber/Phys &Comp

Location: NY-Bronx-Mott Haven Substation

Job Description

Mission Statement

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.

Core Responsibilities

  • The Sr. System Cyber Analyst is responsible for contributing, guiding, to the analysis of Cybersecurity incidents and events. The Sr Cyber Analyst will design, install, monitor IT computing infrastructure, provide timely response and troubleshoot alerts generated by various security tools.
  • Assist in the design, development and implementation of Network Systems including cabling, servers, firewalls, routers, HMIs, IED etc. to effectively comply with CIP Standards
  • Assist regional PST areas in matters of CIP compliance. Provide guidance and instruction on performing necessary field activities to meet CIP compliance requirements.
  • Responsible for BES Cyber System Categorization.
  • Maintain databases, records, passwords and baseline configurations associated with BES Cyber Systems.
  • Develop training modules for cyber security training program and aspects of Personnel Risk Assessment Program.
  • Responsible for the designation and management of Electronic and physical security perimeters associated with BES Cyber Systems.
  • Responsible for the management of System Security associated with BES Cyber Systems.
  • Responsible for incident reporting and response planning associated with BES Cyber Systems including but not limited to participation on the NERC Alerts incident team.
  • Administer access management and access revocation of BES Cyber Systems
  • Conduct vulnerability assessments on the BES Cyber Systems.
  • Review and comment on revised NERC CIP standards. Develop required protocols and procedural revisions to address revised NERC CIP standards to ensure continued compliance with such revised standards.
  • Monitor and report on status of compliance with NERC CIP requirements.
  • Represent substation operations in NPCC and NERC related compliance issues both internal to Con Edison and with external organizations such as NYISO, NPCC, NERC, FERC and other neighboring TO's and reliability coordinators.
  • Make compliance program presentations as required and at the executive level.
  • Ensure the timely, accurate and well-documented submittal of data to NPCC, as required to address compliance requirements
  • Perform other related assignments as required.

Required Education/Experience

  • Bachelor's Degree In Engineering, Computer Science, Information Technology, or relevant concentration and three (3) years of IT
  • experience preferably in
  • Cybersecurity or
  • Master's Degree In Engineering, Computer Science, Information Technology, or relevant concentration and two (2) years of IT
  • experience preferably in
  • Cybersecurity

Preferred Education/Experience

  • Bachelor's Degree In Engineering, Computer Science, Information Technology, or relevant concentration
  • Master's Degree In Engineering, Computer Science, Information Technology, or relevant concentration

Relevant Work Experience

  • Requires work experience in any of the following areas: Computer Networking, Cyber Security, Computer Engineering or Information Technologies Required
  • Knowledge and experience in real-time production environments, TCP/IP, active directory, LINUX, SQL servers and oracle. Required
  • Proficiency in Microsoft Office suite and productivity tools is required Required
  • Ability to present at different levels of management Required
  • Strong knowledge of network protocols, network analysis tools, and network architecture is preferred. Preferred
  • Knowledge of vulnerability, threat and risk management and assessment Preferred
  • Scripting knowledge using industry standard scripting tools Preferred

Skills & Ability

  • Strong written and verbal communication skills
  • Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
  • Demonstrated time management and priority setting skills
  • Well organized, detail oriented and flexible to handle multiple assignments
  • Highly thorough and dependable

Licenses & Certifications

  • Driver's License Required
  • Other: Technical certifications (e.g. CISSP, CISM, CIPP etc.) Preferred

Other Physical Demands

  • Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.
  • This position requires local and out-of-town travel and representation of the Company at regulatory meetings including NPCC and NERC meetings.
  • Must be able and willing to travel within Company service territory, as needed.
  • Must be willing and available to be on call, work off shifts, weekends, holidays and overtime as operations and system conditions require.
  • Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.

Technical Difficulty Statement

Equal Opportunity Employer

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.

SHARE: