This position is a part time entry level Cybersecurity Engineer position working in SMUD's Integrated Security Operations Center (ISOC). Cybersecurity Engineers in SMUD's ISOC analyze the data collected from cyber defense tools to investigate, analyze, and respond to threats and cyber incidents for IT and OT cyber assets.
Purpose
Provides specialized enterprise-wide cybersecurity Engineering to assist with maintaining an acceptable level of cyber and privacy risk while ensuring the cybersecurity and resilience of SMUD's Information, IT and OT systems, and network infrastructure.
A cybersecurity Engineer at SMUD has a vital role in our cybersecurity program to protect and manage the cyber and privacy risk to our people, process and technology. Cybersecurity Engineer at SMUD provides physical, technical, and administrative control engineering to protect the confidentiality, integrity, and availability of our IT and OT cyber assets.
This classification is comprised of four levels: Level "E" is the entry level where incumbents acquire knowledge, skills and abilities to perform the tasks associated within the series. The incumbent is promoted/progressed to level "J" upon demonstrating the required skills and knowledge to independently perform the full scope of the job. The Senior "Sr" level is comprised of the advanced journey level resource who is responsible for the advanced assignments. The Principal level is comprised of the subject matter expert/lead level and is responsible for the leading of the most advance work. Promotion to the Senior or Principal level is not through a progression and will happen through SMUD's standard civil service hiring process.
This is a progressive series and incumbents hired at the entry level are required to successfully progress to the journey level within 60 months of appointment to remain within the job series.
Major Duties & Responsibilities
- Responsible for the design, development, implementation, and/or integration of SMUD's security architecture, system, or system components for use within IT and OT environments. Ensures that the architecture and design of SMUD's IT and OT are functional and secure.
- Provides network and systems security engineering, design engineering, security tests and evaluations, and risk assessments for OT and enterprise-level IT systems, including risk management, vulnerability assessments, security assessments, strategy and project development, network architecture designs, and monitoring solutions.
- Enhance enterprise cybersecurity program by developing technical security requirements and technical security control implementation guidance for IT/OT network infrastructure to include hardware, software, and services.
- Applies technical experience and knowledge on routing, switching, MPLS, SONET/SDH, Frame/Relay, Telecommunications, Wireless (Microwave & LTE) and Radio technologies.
- Maintain skills implementing and/or operating security and networking technologies: Application Security Scanners, Endpoint Protection, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing & Logging, Vulnerability Management, and Virtual Private Networking technologies such as IPSEC, SSL/TLS, SSH, site to site and network to network.
- Advise on the design and innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture, to include security solutions utilized in SCADA/Control systems environments, applying working knowledge of ICCP, DNP3, MODBUS and other common IEC utility protocols such as IEC-60870-5, IEC-61850.
- Maintain technical knowledge of TCP/IP, DNS, SMTP, HTTP, FTP, SNMP, Active Directory, LDAP, Ethernet, Wireless LAN, and other WAN/LAN Protocols.
- Apply knowledge and functional experience with IDS/IPS, WAF, ADC, firewall, VPN across a wide range of complex architectures, platforms and mediums.
- Review and/or monitor network and system activity and analyze evidence of suspicious behavior to identify and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
- Other related duties as assigned
Minimum Qualifications
Education:
Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e Computer Science, Systems Engineering, Electrical Engineering) or equivalent experience.
Entry: If no degree, 5 years of experience required.
Experience:
Entry: One (1+) or more years of progressively relevant professional or technical experience in cybersecurity and/or information security.
Knowledge Of:
Principles and practices of cybersecurity and information technology systems. Principles and practices of system security engineering, design, development, analysis, testing and security administration. Methods and techniques of evaluating security and privacy requirements and developing secure solutions for SMUD systems. Methods and techniques of developing data security, integrity, backup and recovery processes. Project management methodologies. Principles and practices of systems and procedures analysis and design. English composition and business writing and vocabulary standards; methods and techniques for report preparation and writing; methods and techniques for record keeping; modern office practices and procedures.
Skill To:
Problem solve, analytical and troubleshooting capabilities; ability to learn new skills quickly with minimal guidance; ability to achieve project schedules and milestones; work in a team environment with aggressive deadlines and multiple priorities while staying a team player; facilitation and presentation skills; strong verbal and written communication skills as well as strong interpersonal skills; ability to listen, learn, speak up, and mentor; attention to detail; skill to work with different groups and diverse projects as a partner; skill to perform privacy and/or security reviews including regulatory and industry assessments, risk analyses, information inventory and data mapping, vendor management security assessments, and additional privacy or cybersecurity compliance related projects.
Desirable Qualifications
- Ability to accurately define incidents, problems, and events in the trouble ticketing system.
- Ability to monitor system operations and react to events in response to triggers and/or observation of trends or unusual activity.
- Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
- Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
- Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of incident response and handling methodologies.
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
- Knowledge of operating system command-line tools.
- Skill in using security event correlation tools.
Licenses/Certificates
Professional certifications with an emphasis on Cybersecurity, Information Security, Security and/or Network Administration, or Audit (e.g., CISSP, GSLC, GCIP, CASP, CRISC, CIPP, CIPT, CAP, GSEC, GICSP, GCUX, GMOB, GLEG, GRID, CEH, CPEN, SSCP, CCSP, CSSLP, GSNA, CCNA, CCIE, CISM, CISA, CIA, CompTIA Security+) required or must be able to obtain and maintain an industry recognized certification within one year of hire.
Physical Requirements
Applicants must be able to perform the essential job functions with or without a reasonable accommodation.
The health and wellbeing of our employees and our community is our top priority. SMUD follows CDC guidance and adheres to all local, county and state orders. To this end, if you are scheduled to come on a SMUD campus, you will need to monitor your health (ensuring your temperature is below 100.4° and you're free of COVID-19 symptoms), wear a face covering, and adhere to social distancing guidelines.
Job Code: 50167103 CYBER SECURITY ENGR (E)
Sacramento Municipal Utility District
6201 S St
Sacramento
California United States
www.smud.org
