The IT Associate Security Engineer will support the Security Program protecting Eversource Operational Technology (OT) systems. The IT Associate Security Engineer will administer computer assets, networks and information systems that support Critical Infrastructure. This position will also support the security controls and team running the NERC CIP compliance requirements for Eversource’s Critical Infrastructure.
•Assists and represents the Eversource CIP program in audit situations and regional compliance committees.
•Provides training to OT employees on cyber security and compliance applications and tools.
•Supports the implementation of cyber security policies, architectures, technical standards, technical controls, security solutions, guidelines, procedures, and other elements necessary to maintain security and compliance posture.
•Follows industry standards, regulatory requirements and the potential impacts to Eversource OT policies, standards, and procedures.
•Supports security projects and day to day security controls supporting Eversource Operational Technology. Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management. Recommend effective process changes to enhance defense and response procedures. Evaluate, test and select security tools, evaluation products and control products.
•Performs OT Security Engineering functions including secure software / hardware design and implementation, software installation, configuration, testing, and documentation, software upgrades, maintenance and security administration.
•Provides technical support including trouble shooting and problem resolution.
•Responsible for network analysis, administration, and configuration.
•Operating system, related software products, application and data backup and recovery and disaster recovery.
•Performance analysis, tuning and capacity planning.
Technical Knowledge/Skill: Experience with one or more of the following is preferred: security perimeter technology, Operating System security, logging and monitoring tools, malware prevention, policy and procedure, Active Directory, risk assessments, security awareness, or related information security subject area. Must have an ability to develop an understanding of Security Standards, Industrial Control Systems and underlying principles of networking, infrastructure and system integration.
A Bachelor’s degree in Information Technology or a related technical field. Degree in Information Security or security certification preferred.
Zero (0) to three (3) years of experience in the field of information technology or security is preferred.
Licenses & Certifications:
None Required. Security +, CISSP, or other IT certifications a plus.