CIP Security Information Analyst
Company Name:
NorthWestern Energy
_SUMMARY OF JOB DESCRIPTION
_
The position, CIP Security Information Analyst, is a valuable part of the Business Technology Security Team. The successful candidate will work in a team environment to provide support for Northwestern Energy's security architecture, inclusive of both interior and exterior environments. Fundamental knowledge of general security best practices with regards to servers, networking, firewalls, virtual private networking, PC's, and applications is a must have.
Excellent oral and written communication skills are essential. In addition, the successful candidate must be a self-starter that pursues self-education, is customer focused, supports the organization's goals and values, and is willing to work extended hours as necessary. The successful candidate is expected to travel with a laptop computer and other necessary peripherals. The expectation is that if hired the employee will take laptop home each night for on-call support and disaster recovery purposes. Each member of the Business Technology Security Team is required to participate in an on-call rotation.
_DESCRIPTION OF ESSENTIAL FUNCTIONS
_
All NorthWestern Energy employees are required to adhere to company safety standards and the Code of Business Conduct & Ethics
Ensure all actions are consistent with NorthWestern Energy's values, mission, and strategic business objectives
_Security Team Support
_
Responsible for security awareness training (The ability to deliver training to small to large groups of employees)
The basic understanding of what's next and having the vision to bring ideas forward to be shared openly
Understanding of a virtual architecture, including virtual delivery of applications and desktops would be helpful
Fundamental understanding or demonstrated knowledge of firewalls, network access controls, intrusion detection/prevention, wireless networking and security as well as Anti-virus, malware detection systems
Knowledge of security principles and best practices such as the National Institute of Standards (NIST), Department of Defense (DOD) Defense in Depth Strategy as well as International Information Systems Security Certification Consortium (ISC)
Understanding and acceptance of the good enough security principles of the Certified Systems Security Professional (CISSP) curriculum
Fundamental understanding of Windows server operating systems
Demonstrated working knowledge of Active Directory or other user provisioning platform
Ensure integrity and security of server environment
Working understanding of Group Policy would be beneficial
Experience with SAP security would be beneficial
Strong understanding of a high availability architecture is essential
Monitoring of security environment using industry monitoring tools such as a SEIM solution is required
Monitor security solutions and respond to issues, including after hours & weekends
Proven ability to troubleshoot complex technical issues is required
Must follow defined processes to resolve incidents, requiring the use of incident management system.
Perform off-hour maintenance work on nights and weekends
Proven data analytics and management skills are required
Follow change management procedures and policies in developing and implementing changes
The ability to act independently within the confines of a team is required
Occasional travel will be required (day trips and overnight)
_Customer Service Support_
Strong customer service skills required
Ability to tell a customer no is essential
Respond to requests via telephone, in person, email, or help desk tickets
Respond timely to requests, resolving issues, and documenting changes within established parameters and escalating those which need higher level review
_
_
_General Business Technology Support_
Adhere to Northwestern Energy's Professional Knowledge Worker Competencies
Comply with internal controls, policies, practices, procedures, and standards
Work with other BT staff on projects and troubleshooting problems
Strong understanding of network infrastructure, including all layers of the OSI model.
Understanding of TCP/IP, routing, and multi-site network design
Understanding of the CIA (Confidentiality, Integrity and Availability) Triad
Fundamental understanding of Critical Infrastructure Protection (CIP) standards
Fundamental understanding of application and database architecture relevant to security
This job description reflects management's assignment of essential functions and key responsibilities. It does not prescribe or restrict responsibilities that may be assigned.
_GENERAL QUALIFICATIONS
_
Must be able to demonstrate a good safety record
Must possess strong interpersonal communication skills
Bachelor's degree from four-year accredited college with some related experience or equivalent combination of education and experience
Must be of the highest character
Ability to develop positive customer, team, and leadership relationships to facilitate Business Technology business partnerships
Must be able to work in a team environment and adapt to changing responsibilities and priorities
Must be able to continually learn and enhance technical skills and knowledge
Must have strong organization skills to coordinate workload and individual development
Must have strong written and oral communication skills
Must be a free thinker with the ability to find and present creative security solutions to customers who are often unaware of security requirements
_SELECTION PROCESS
_
When considering applicants for this position, the selection process will take into consideration the needs of NorthWestern, including such factors as reorganization requirements, diversity opportunities, relocation requirements, employee development and job succession. If any of the preceding language conflicts with the applicable bargaining unit agreements, the bargaining unit agreement will prevail.
_
_
_APPLICATION PROCEDURES_
External applicants should apply online at . Internal applicants should apply online at iConnect. In compliance with the ADA Amendments Act, should you have a disability that requires assistance and/or reasonable accommodation with the job application process, please contact the Human Resources department via phone at , or via email at job. .
Title: CIP Security Information Analyst
Department/Division: FI - Business Technology
Work Location: Butte, MT
Guidepost: 5-8 ($38,300 to $98,900)
Employment Status: Regular Full-Time
Employment Physical: Not Required
Drug Test: Required
Background Check: Required
Relocation Benefit: NegotiableEstimated Salary: $20 to $28 per hour based on qualifications.
NorthWestern Energy
_SUMMARY OF JOB DESCRIPTION
_
The position, CIP Security Information Analyst, is a valuable part of the Business Technology Security Team. The successful candidate will work in a team environment to provide support for Northwestern Energy's security architecture, inclusive of both interior and exterior environments. Fundamental knowledge of general security best practices with regards to servers, networking, firewalls, virtual private networking, PC's, and applications is a must have.
Excellent oral and written communication skills are essential. In addition, the successful candidate must be a self-starter that pursues self-education, is customer focused, supports the organization's goals and values, and is willing to work extended hours as necessary. The successful candidate is expected to travel with a laptop computer and other necessary peripherals. The expectation is that if hired the employee will take laptop home each night for on-call support and disaster recovery purposes. Each member of the Business Technology Security Team is required to participate in an on-call rotation.
_DESCRIPTION OF ESSENTIAL FUNCTIONS
_
All NorthWestern Energy employees are required to adhere to company safety standards and the Code of Business Conduct & Ethics
Ensure all actions are consistent with NorthWestern Energy's values, mission, and strategic business objectives
_Security Team Support
_
Responsible for security awareness training (The ability to deliver training to small to large groups of employees)
The basic understanding of what's next and having the vision to bring ideas forward to be shared openly
Understanding of a virtual architecture, including virtual delivery of applications and desktops would be helpful
Fundamental understanding or demonstrated knowledge of firewalls, network access controls, intrusion detection/prevention, wireless networking and security as well as Anti-virus, malware detection systems
Knowledge of security principles and best practices such as the National Institute of Standards (NIST), Department of Defense (DOD) Defense in Depth Strategy as well as International Information Systems Security Certification Consortium (ISC)
Understanding and acceptance of the good enough security principles of the Certified Systems Security Professional (CISSP) curriculum
Fundamental understanding of Windows server operating systems
Demonstrated working knowledge of Active Directory or other user provisioning platform
Ensure integrity and security of server environment
Working understanding of Group Policy would be beneficial
Experience with SAP security would be beneficial
Strong understanding of a high availability architecture is essential
Monitoring of security environment using industry monitoring tools such as a SEIM solution is required
Monitor security solutions and respond to issues, including after hours & weekends
Proven ability to troubleshoot complex technical issues is required
Must follow defined processes to resolve incidents, requiring the use of incident management system.
Perform off-hour maintenance work on nights and weekends
Proven data analytics and management skills are required
Follow change management procedures and policies in developing and implementing changes
The ability to act independently within the confines of a team is required
Occasional travel will be required (day trips and overnight)
_Customer Service Support_
Strong customer service skills required
Ability to tell a customer no is essential
Respond to requests via telephone, in person, email, or help desk tickets
Respond timely to requests, resolving issues, and documenting changes within established parameters and escalating those which need higher level review
_
_
_General Business Technology Support_
Adhere to Northwestern Energy's Professional Knowledge Worker Competencies
Comply with internal controls, policies, practices, procedures, and standards
Work with other BT staff on projects and troubleshooting problems
Strong understanding of network infrastructure, including all layers of the OSI model.
Understanding of TCP/IP, routing, and multi-site network design
Understanding of the CIA (Confidentiality, Integrity and Availability) Triad
Fundamental understanding of Critical Infrastructure Protection (CIP) standards
Fundamental understanding of application and database architecture relevant to security
This job description reflects management's assignment of essential functions and key responsibilities. It does not prescribe or restrict responsibilities that may be assigned.
_GENERAL QUALIFICATIONS
_
Must be able to demonstrate a good safety record
Must possess strong interpersonal communication skills
Bachelor's degree from four-year accredited college with some related experience or equivalent combination of education and experience
Must be of the highest character
Ability to develop positive customer, team, and leadership relationships to facilitate Business Technology business partnerships
Must be able to work in a team environment and adapt to changing responsibilities and priorities
Must be able to continually learn and enhance technical skills and knowledge
Must have strong organization skills to coordinate workload and individual development
Must have strong written and oral communication skills
Must be a free thinker with the ability to find and present creative security solutions to customers who are often unaware of security requirements
_SELECTION PROCESS
_
When considering applicants for this position, the selection process will take into consideration the needs of NorthWestern, including such factors as reorganization requirements, diversity opportunities, relocation requirements, employee development and job succession. If any of the preceding language conflicts with the applicable bargaining unit agreements, the bargaining unit agreement will prevail.
_
_
_APPLICATION PROCEDURES_
External applicants should apply online at . Internal applicants should apply online at iConnect. In compliance with the ADA Amendments Act, should you have a disability that requires assistance and/or reasonable accommodation with the job application process, please contact the Human Resources department via phone at , or via email at job. .
Title: CIP Security Information Analyst
Department/Division: FI - Business Technology
Work Location: Butte, MT
Guidepost: 5-8 ($38,300 to $98,900)
Employment Status: Regular Full-Time
Employment Physical: Not Required
Drug Test: Required
Background Check: Required
Relocation Benefit: NegotiableEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
