US:MD:HUGHESVILLE

FULL TIME

Southern Maryland Electric Cooperative has an immediate opening for a Technical Cybersecurity Analyst.

Scope of Position:

The Technical Cybersecurity Analyst is tasked with safeguarding the integrity and resilience of the organization's network infrastructure while simultaneously fulfilling responsibilities related to cybersecurity compliance and risk management. They oversee the implementation and maintenance of security measures, lead efforts to assess and mitigate network vulnerabilities, and ensure adherence to industry standards and regulations. Through collaboration with internal teams and external partners, they work to fortify the security posture of the network, mitigating threats and preserving the confidentiality, integrity, and availability of critical data and systems.

Primary Responsibilities:

* Responsible for advanced TripWire administration and configuration, with a goal towards enhancing and further refining TripWire infrastructure as it relates to application, database, machine logs, troubleshooting, management reporting and customer queries.

* Support and lead vendor integrators coordinating the procurement, design, integration and implementation of the Cybersecurity tools in support of NERC Critical Infrastructure Protection (CIP) for Industrial Control Systems.

* This position will manage a risk-based process for the assessment and mitigation of any information or cyber security risk, consisting of supply chain partners, vendors, consumers and any other third parties.

* Responsible for ensuring accurate and timely resolutions to all assigned issues relating to critical infrastructure security.

* Research, investigate, communicate, and integrate actionable threat intelligence information in Cyber Security Operations and IT systems.

* Facilitate vulnerability scanning, analysis, prioritization and remediation.

* Work effectively with business units to facilitate information security risk assessment and risk management processes and adhere to the SMECO Internal Compliance Program (ICP).

Candidate must be knowledgeable in network and security management and monitoring software; be capable of problem analysis and problem resolution at both a strategic, tactical and operational level; have strong written, verbal skills, project management and technical analysis skills.

The starting salary range for this position is $79,100-$102,600. SMECO offers an excellent benefits program including a 401k 6% dollar for dollar match and additional 3% non-elective company contribution.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Interested candidates should apply via SMECO's website at www.smeco.coop/careers.

REQUIRED SKILLS:

Education:

Bachelor's or advanced degree in Information Technology/Computer Science, Engineering or related field. Experience will be considered in lieu of degree requirement. Information security certifications/qualifications such as CISSP, CISA, CISM, or SANS GIAC are preferred, but not required.

Experience:

Minimum five years progressive work experience in Information Technology, cyber security, programming, computer/server administration, network engineering, and/or technical writing with strong analytical skills, and written and verbal communications skills. Strong knowledge in network and security management, TCP/IP networking, routing and switching, VLANS, VPNs, firewalls, and networking configuration. Proficiency in problem analysis, project management, and technical analysis. Previous experience working for an electric utility with NERC CIP experience/exposure preferred.

Skills:

a.Knowledge in network and security management and monitoring software.

b.Strong understanding and experience TCP/IP networking, routing and switching, VLANS, VPNs, firewalls and networking configuration.

c.Problem analysis and problem resolution at both a strategic, tactical and operational level,

d.Strong written, verbal skills, project management and technical analysis skills.

e.Knowledge of Critical Infrastructure Protection (CIP) or National Institute of Standards and Technology (NIST) policies, procedures, and compliance requirements preferred.