General Overview:

At an expert level, directly administers Information Technology/Operational Technology (IT/OT) support and maintenance for / enterprise cyber technology and supporting systems. Applies the technical expertise necessary to ensure the continuity and security of / industrial control systems (ICS), supervisory control and data acquisition (SCADA) and critical cyber assets. Serves as the primary onsite IT/OT contact for all areas including configuration, security control implementation, patch management, hardware/software management, vulnerability remediation, and system configuration documentation.

Maintains understanding of applicable NERC-CIP standards sufficient to generate accurate and timely compliance documentation for assigned facilities. Implements and manages processes, initiatives and technologies as directed by leadership and the Information Security Office (ISO). This position requires specialized depth and/or breadth of expertise. Interprets business issues and recommends best practices. Solves complex problems; takes a broad perspective to identify innovative solutions. Works independently, with limited guidance. May lead functional teams or projects.

• Acts as the liaison for work coordination between IT, ISO and plant
• Leads the design, development, testing, monitoring and implementation of IT/OT systems including hardware, software applications, endpoint devices, operating systems and network connections for assigned technology
• Contributes to a secure IT/OT control system
• Configures and manages supporting IT/OT systems to satisfy security
• Visually inspects and logs in to various IT and OT network devices and tools to determine communication flows and
• Performs and maintains asset inventory of all ICS and DCS equipment within given geographical
• Administers all account management, patching, maintenance, monitoring, upgrades, back-up, replacement and decommissioning of assigned
• Administers transient cyber asset and removable media
• Collaborates with onsite operations staff to assimilate operational technology needs and facilitate an IT/OT architecture that satisfies performance and security
• Designs, drafts and implements, follows and maintains backup, recovery, disaster recovery and monitoring processes, procedures and plan for software
• Designs, drafts, updates, follows and maintains work instructions relating to all patching, updating, and backup and recovery tasks as well as others, in management
• Documents changes made to systems or equipment through appropriate communications and record keeping practices. Documents work into logs, files, system prints and other records and through communications, both oral and written, with other team members, the plant staff, and security staff supervision as
• Composes NERC-CIP compliance documentation for assigned technology assets, processes, procedures and
• Maintains proficiency of regulatory standards and industry frameworks including but not limited to NIST 800 series, ISA, ANSI, IEEE, NERC CIP, ISO 27000,
• Performs work by traveling independently or with a small crew to various locations (substations, power plants, water systems, ) as scheduled, or on an emergency basis.

This general overview only includes essential functions of the job and does not imply that these are the only duties to be performed by the employee occupying this position. Employees will be required to follow any other job-related instruction and to perform any other job-related duties requested by supervisor or management.

Minimum Qualifications:

Twelve or more years of experience in installation, maintenance and/or monitoring of controls, SCADA, ICS, DCS, PLC, RTU, network, security monitoring, and/or Server/Endpoint system administration.

A degree(s) in computer science, information technology, electronics, instrumentation, SCADA, engineering technology, cyber security or relevant field may be substituted per / guidelines for certain years of experience.

Driver’s license required if traveling to work at various locations

Preferred Qualifications:

• Technology Certification(s) such as ISA, CISM, CISSP, GIAC, CCNA,
• Knowledge of cyber security standards such as NIST 800 series, ISA, ANSI, IEEE, NERC CIP, ISO 27000 series, COBIT
• Understanding of NERC-CIP standards as they pertain to the utility industry, especially for low impact assets
• Experience in the energy or utility sectors
• Experience using Service Now, Maximo, or other asset inventory management system
• Advanced Excel skills
• Advanced Visio skills
• Understanding of TCP/IP networking and the uses of switches, firewalls and routers
• Understanding of how to analyze firewall rules, recommend changes and document justications
• Knowledge of relational databases
• Knowledge of computers, network components, operating systems and software applications related to EMS, GMS, ICS or DCS

Required Knowledge for the role

• Knowledge of UNIX, UNIX shell and/or Windows-based programming
• Knowledge of analog and digital circuitry
• Knowledge of computer networking principles and design
• Knowledge of PLC’s and DCS digital control system networking
• Knowledge of human-machine interface software and systems
• Knowledge of control systems and equipment (e.g., distributed control systems, programmable logic controllers)
• Knowledge of monitoring systems
• Knowledge of PLC’s and DCS digital control system networking
• Knowledge of the National Electrical Code or National Electrical Safety Code
• Knowledge of change management techniques associated with new technology implementation
• Knowledge of enterprise, network, system, and application level security engineering principles

Skills and Abilities required:

• Skill in using work management systems
• Skill in the use of computers to patch, scan, and monitor other electronic programmable devices
• Skill in analyzing and solving problems
• Skill in analyzing adequacy of security designs
• Skill in debugging programs
• Skill in reading and interpreting diagrams and prints
• Skill in reading and following device manuals
• Skill in implementation and maintenance of multifactor and remote access systems
• Skill in implementation of SIEM, malware, spyware and other security measures for cyber security
• Skill in communicating effectively with team members, supervision/management and external organizations under normal and emergency conditions
• Skill in articulating technical information to both technical and non-technical audiences
• Skill in office productivity applications (such as email, word processing, spreadsheets, )
• Skill in providing customer service
• Skill in troubleshooting
• Ability to update physical and logical network drawings
• Ability to work in a team environment
• Ability to balance and manage competing high priority work demands
• Ability to observe and adapt to plant specific communication, safety, procedural and organizational changes and requests as

Work Environment:

• Works hours are primarily spent in an industrial/plant facility
• Some work hours are spent in a data center environment, which includes exposure to below normal temperatures
• Work involves response to emergencies via text, email, phone or in-person, during standard and non- standard hours, including unplanned weekend, holidays and after hours or emergency response
• Work involves exposure to noise
• Work involves exposure to various and sometimes extreme weather conditions
• Work involves traveling to other facilities within / portfolio
• Work may involve heights up to 450 feet, or underground in cable vaults
• Work involves close proximity to energized high-voltage electrical equipment
• Work requires use of protective equipment
• Work may involve proximity to equipment containing hazardous chemicals and wastes
• Work involves exposure to high speed rotating machinery
• Work may involve exposure to high temperature/high pressure vessels

Physical Demands:

• Frequent finger/hand manipulation in using a keyboard, mouse, hand tools and operating equipment
• Occasional climbing, crawling, crouching or other non-sitting positions in performing identification of equipment or cabling
• Lifting up to 50 pounds very infrequently from the floor to the waist less than 5% of the time
• Climbing of ladders less than 5% of the time
• Working in tight, cramped spaces such as electrical cabinets or server racks approximately 40% of the time
• Significant time at workstation fulfilling obligations of the role on a computer