CYBERSECURITY ENGINEER - ASSOC-SR

Company Overview

El Paso Electric (EPE) is a regional energy provider that is engaged in generation, transmission, and distribution service to power approximately 460,000 customers in a 10,000-square mile area of the Rio Grande Valley in west Texas and southern New Mexico. We invite you to visit epelectric.com to learn more about EPE and our strategic initiatives. Join our EPE Team, and TOGETHER, we will transform the energy landscape.

DATE POSTED: DECEMBER 17 2024, CLOSING DATE: JANUARY 05, 2024

GRADE LEVEL: 52-54

DEPARTMENT: CYBERSECURITY TECHNOLOGY

STARTING SALARY: $67,400 - $120,000 Salary is commensurate with experience.

Job Family Summary Purpose

The Cybersecurity Engineer role involves designing, implementing, and managing security systems to protect systems, applications, and data for critical Operational Technology (OT) environments, including Energy Management Systems (EMS), datacenters, transmission substations, and power generation plants. This role will ensure systems security, regulatory compliance, and efficient project management to support the company's technology and business objectives.

EDUCATION

Bachelor's Degree from an accredited college or university in Computer Engineering, Computer Science, Information Technology, Cybersecurity, or equivalent related education, training, and experience.

Experience

0-5 or more years of experience

Key Job Responsibilities

Must possess required knowledge, skills, abilities and experience and be able to explain and demonstrate with or without a reasonable accommodation that the essential functions of the job can be performed.

Minimum Knowledge, Skills & Abilities

• Cybersecurity Expertise:
• Demonstrated proficiency with Cybersecurity tools and concepts, including (but not limited to) anti-virus software, SIEM, malware detection, firewalls, encryption solutions, and penetration testing.
• Strong understanding of cybersecurity principles and practices, with experience in regulatory compliance (e.g., NERC CIP, PCI DSS, HIPAA, FISMA, SOX).
• Experience implementing, managing, and ensuring compliance with regulatory/industry security standards.
• Technical Skills:
• Knowledge of infrastructure technology (servers, routers, switches, firewalls, workstations, IT security, etc.).
• Strong understanding of firewalls, encryption, SIEM, IDS/IPS, VPN technologies, Anti-malware, Detection and Response, and software deployment tools.
• Hands-on experience with configuring and managing security systems, including SIEM, Anti-malware, Detection and Response, IPS, and software deployment tools.
• Proficiency in Windows-based environments, Active Directory, and network administration.
• Problem Solving & Analytical Skills:
• Analytical mindset and problem-solving ability.
• Ability to perceive, analyze, and resolve complex cybersecurity issues.
• Communication & Collaboration:
• Strong communication skills for cross-team collaboration.
• Ability to work in a team environment and independently manage work assignments.
• Technical Tools:
• Knowledge of cybersecurity and network monitoring tools, with proficiency in Microsoft Office applications (Word, Excel, Visio, PowerPoint).
  

Essential Job Functions

• Cybersecurity Infrastructure Management
• Design, configure, manage, and/or monitor EMS/OT cybersecurity systems to protect networks, systems, applications, and
• System Implementation & Integration:
• Plan, lead, coordinate with vendors and internal customers, and execute system implementation, integration, quality assurance, testing, and change management for maximum security and efficiency.
• Systems Security:
• Perform vulnerability assessments, penetration testing, and threat modeling.
• Monitor and analyze security logs, alerts and events, detecting and responding to security threats in real-time.
• Technical Documentation:
• Provide accurate documentation of cybersecurity measures and controls.
• Maintain change management documentation for all hardware and software modifications to ensure compliance.
• System Evaluation & Improvement
• Collaborate with OT and stakeholders to integrate security best practices into systems architecture
• Evaluate and propose improvements or replacements for cybersecurity systems, considering benefit, risk, and cost factors.
• Ensure compatibility and adherence to compliance and operational requirements
• Incident Response & Problem Resolution
• Monitor cybersecurity tools like SIEM and IDS/IPS for abnormal activity and respond to incidents promptly.
• Develop incident response protocols, investigate security breaches, and mitigate attacks
• Vendor & Contract Management
• Maintain contracts with vendors for cybersecurity software and hardware maintenance, and services.
• Work with vendors, application developers, and corporate IT to troubleshoot and resolve technology issues.
• Disaster Recovery & Backup Planning:
• Plan, develop, and implement Disaster Recovery procedures and policies for OT systems.
• Ensure regular backups of all critical systems are completed and validate system recovery testing activities.
• Create scenarios for disaster recovery exercises and actual events.
• Compliance & Governance:
• Ensure compliance with security standards (NERC), perform compliance activities regularly, and provide risk assessments.
• Generate and maintain systems documentation and reports as required by regulatory standards.
• Actively participate in preparation and execution of NERC Audits.
• Training & Technical Resource:
• Passion for continuous learning and staying ahead of cyber threats.
• Stay up to date with the latest cybersecurity trends, tools, and regulations (e.g., NERC CIP, NIST).
• Serve as a technical resource and provide training for new employees on EMS, related systems, and cybersecurity tools.
• Valid driver’s license and be in compliance with the Company’s Driving Program policy.
• Complies with all applicable Company policies, procedures and code of ethics as well as all applicable governmental laws and regulations to include employment, safety and environmental standards and regulations.
• Perform other related tasks that are not included but are within the context of the duties defined.
  

WORK ENVIRONMENT

• The incumbents in this classification are not substantially exposed to adverse environmental conditions; primary work environment is typically an office or administrative nature.
• May work non-standard hours.
• May require travel to Company work sites.
• May require out of town travel.
  
  

PHYSICAL DEMANDS

• Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects. Use of arm and/or leg controls requires exertion of force.
• Climbing: Ascending or descending ladders, stairs, scaffolding, ramps, poles and the like, using feet and legs and/or hands and arms.
• Balancing: Maintaining body equilibrium to prevent falling when walking, standing or crouching on narrow, slippery or erratically moving surfaces.
• Stooping: Bending body downward and forward by bending spine at the waist.
• Kneeling: Bending legs at knee to come to a rest on knee or knees.
• Crouching: Bending the body downward and forward by bending leg and spine.
• Crawling: Moving about on hands and knees or hands and feet.
• Reaching: Extending hand(s) and arm(s) in any direction.
• Standing: Particularly for sustained periods of time.
• Walking: Moving about on foot to accomplish tasks.
• Lifting: Raising objects from a lower to a higher position or moving objects horizontally from position-to-position.
• Fingers: Picking, pinching, typing or otherwise working, primarily with fingers rather than with the whole hand or arm as in handling.
• Grasping: Applying pressure to an object with the fingers and palm.
• Feeling: Perceiving attributes of objects, such as size, shape and temperatures or texture by touching with skin, i.e., fingertips.
• Talking: Expressing or exchanging ideas by means of the spoken word; those activities in which detailed or important spoken instructions must be conveyed to other workers accurately, loudly or quickly.
• Hearing: Ability to receive detailed information through oral communication, and to make fine discriminations in sound, such as when making fine adjustments on machined parts.
  
  

If interested in applying for this position, you must apply on-line by the end of day on JANUARY 05, 2024.