Security Analyst

At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams. Apply here to start an extraordinary career today.

The candidate must have a strong solid understanding of the NERC CIP Standards as well as audit controls and testing methodologies. In addition a strong solid understanding of computer networking concepts is required. The primary duties and responsibilities include:

• Assist in the design and development of Security implementations
• Develop and implement standards and operating procedures
• Supervise critical components of the assets which make up AES BES Cyber Systems.
• Maintain accurate change management documentation for all hardware and software modifications
• Conduct routine hardware and software audits of all supported security devices to ensure compliance with established standards, policies, procedures, and requirements
• Participate in the Cyber Incident Response Team (CIRT)

Lead and ensure the fulfillment of team responsibilities including:

• Perform all required operational maintenance and troubleshooting of supported security assets
• Perform daily backup and recovery operations for the supported security assets
• Participate in disaster recovery planning, development, exercises, and actual events
• Evaluate and test software changes and updates supplied by vendors, prior to installation
• Work with vendors, application developers, database administrators, corporate IT, and other technology groups to resolve any problems
• Participate in budgeting and purchasing processes
• Other duties as assigned**

Qualifications

• This position will require excellent problem solving and decision making skills, the ability to work with minimal direction, and the ability to perform duties efficiently under emergency situations. The candidate must possess a proficiency in the following security related areas:

• Firewalls, Intrusion Detection Systems, network switches, network routers, network design, VPN implementation, TCP/IP communication, writing information security policies, performing information security assessments, computer forensics, anti-virus, patch evaluation, event monitoring systems, and virtual environments and network analysis. Strong LAN/WAN infrastructure knowledge, technical writing skills and comprehension of technical manuals preferred.

• The incumbent must have excellent planning, interpersonal, verbal and written communication skills and must have the ability to express sophisticated technical concepts optimally, both verbally and in writing. The incumbent must have the ability to work well with people from varying disciplines with varying degrees of technical experience. This position requires a detailed understanding of diverse system and network architectures.

• A graduate degree in Computer Science, Information Systems, Engineering or other related field is helpful. Certification(s) in Information Security; CISSP, CISM, ISSEP, CISA or SANS and technical certification in Cisco, Microsoft, Linux or Unix preferred.

Preferred: An ideal candidate would have experience in the Energy or Utility industry, experience supporting a 24 x 7 real time operations environment, experience supporting systems subject to regulatory compliance requirements, or experience with FERC, NERC, and/or a NERC Regional Entity.

AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion. Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work. All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and/or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law. E-Verify Notice: AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

Safety comes first at AES. To protect the health and safety of our people, customers, communities and partners, and to provide and maintain a workplace that is free of known hazards, AES requires all newly-hired people or current AES people applying for U.S.-based role(s), to be fully vaccinated against COVID-19 or be willing to be fully vaccinated against COVID-19 by their date of hire. Except where prohibited by law or not specifically covered in a collective bargaining agreement, new hires and transfers will be required to provide proof of vaccination during onboarding and periodically thereafter. This policy will comply with all applicable laws and is based on guidance from the Centers for Disease Control and Prevention and local health authorities, as applicable.