About us: Our company, established in 1990, is a prominent player in the North American power and energy infrastructure sector, with a strong focus on development, investment, and operations. Over the years, we've amassed a portfolio of over 47,000 MW of power generation, spanning various sources including solar, wind, hydro, battery energy storage, and natural gas. Additionally, through our subsidiary LS Power Grid, we've constructed and managed approximately 780 miles of high-voltage transmission lines, with more projects underway. We are committed to driving the energy transition by investing in areas such as electric vehicle charging, demand response, microgrids, and renewable fuels.
Our company's purpose is to tackle complex energy challenges to improve the world, with a mission to create a cleaner and more reliable energy ecosystem. We hold values of integrity, innovation, teamwork, and ownership at our core, and we seek individuals who can contribute to our culture with their skills and experiences.
As an employer, we prioritize the well-being and career growth of our team members, offering comprehensive benefits including 100% employer-paid healthcare and paid parental leave.
The role we're currently offering is for a Senior OT Cyber Security Engineer, focusing primarily on managing Splunk for our Operations Technology (OT) and critical control center systems. The responsibilities include configuring log ingest for compliance with NERC-CIP requirements, troubleshooting performance issues, managing the Splunk infrastructure, creating alerts and dashboards, and ensuring the security solutions are functioning effectively. The ideal candidate will have extensive experience with Splunk administration, cybersecurity tools maintenance, and expertise in scripting or programming languages.
Responsibilities:
- Engaging with system owners and stakeholders to configure log ingestion and ensure compliance with NERC-CIP standards for event logging (EL).
- Aligning system logs with NERC-CIP requirements to facilitate dashboarding of compliance metrics.
- Establishing Splunk Forwarding for newly introduced application tiers.
- Identifying and rectifying inefficient searches/dashboards to enhance performance.
- Troubleshooting issues related to Splunk performance.
- Monitoring and optimizing the Splunk infrastructure for capacity planning.
- Addressing challenges with log feeds, field extractions, and search time.
- Overseeing the Linux environment.
- Developing alerts, dashboards, objects, and integrations.
- Ensuring the security tool remains up to date by updating applications, servers, and related components.
- Implementing solutions using Splunk search language (SPL) and architecture.
- Leveraging scripting or programming languages for integrations and automation.
- Configuring Splunk User Behavior Analytics and Splunk Phantom.
- Drawing on expertise in security engineering and system security integration for risk management.
- Supporting change management processes to maintain security controls.
- Providing engineering support for automating log data ingestion and ensuring its efficacy.
- Developing and maintaining documentation, including SOPs, job aids, and guidance documents.
- Coordinating activities with support contractors and external security service providers.
- Proposing and implementing enhancements for system upgrades and new services.
- Undertaking implementation, administration, operations, maintenance, optimization, and integration of cybersecurity tools, technologies, and services.
Qualifications:
- A growth mindset with a keen interest in technology and a passion for challenging projects.
- 5+ years of experience in Splunk administration.
- 5+ years of experience in security operations, maintenance, and advancement of enterprise cybersecurity tools.
- Certification as a Splunk Enterprise Core Consultant, Certified Architect, or Splunk Cloud Certified Admin.
- Proficiency in scripting or programming languages such as Python, Java, Unix Shell Scripts, C, or C++.
- A bachelor's degree in Computer Science, Information Systems, Mathematics, or Engineering, or equivalent experience in IT (8 years).
- Certification in Security+, CISSP, CISA, or an equivalent certification.
If you have a growth mindset, a passion for technology, and enjoy tackling challenging projects, we invite you to apply for this position.
