WG+E is accepting applications for the position of Information Security Analyst ($65,133-$95,052)

This position is responsible for the overall information security position of the business including vulnerability scans and penetration tests on organizational systems, operates and monitors network and host-based intrusion detection/prevention systems, recommends security solutions, advises on systems and application-level security configurations, and investigates and mitigates security risks as required.

Duties and Responsibilities include (but are not limited to):

· Security Analysis: Conduct thorough assessments of the organization’s systems, networks, and applications to identify security vulnerabilities and weaknesses.

· Incident Response: Respond promptly to security incidents, including malware infections, data breaches, and unauthorized access attempts. Investigate root causes and implement corrective actions to mitigate risks.

· Security Monitoring: Monitor network traffic and system logs for signs of suspicious activity or potential security breaches. Utilize intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) tools to detect and respond to threats.

· Risk Assessment: Evaluate the security risks associated with innovative technologies, systems, and applications. Provide recommendations for risk mitigation strategies and security best practices.

· Security Policies and Procedures: Develop, implement, and enforce security policies, procedures, and standards to ensure compliance with industry regulations and best practices.

· Security Awareness Training: Champion for security awareness training sessions for employees and con to educate them about cybersecurity threats, best practices, and proper use of security tools and technologies.

· Penetration Testing: Schedule, annual penetration testing and vulnerability assessments to identify weaknesses in the organization’s defenses. Recommend remediation measures to address identified vulnerabilities.

· Security Compliance: Ensure compliance with relevant cybersecurity regulations, standards, and frameworks such as General Data Protection Regulation GDPR, Health Insurance Portability and Accountability Act HIPAA, International Security Standard/National Institute of Standards and Technologies ISO/NIST 27001 and North American Electric Reliability Corporation/Federal Energy Regulatory Commission NERC/FERC utility cybersecurity standards.

· Security Architecture Review: Collaborate with organizations departments to review and assess the security architecture of new systems, networks, and applications. Provide recommendations for implementing security controls and mitigating risks.

Qualifications & Entrance Requirements include:

· Bachelor’s degree and 1 year of experience or equivalent professional experience. Prefer degree concentration in: Computer Information Systems, Management Information Systems, Computer Science, Technical Writing or Business.

· In-depth knowledge of cybersecurity principles, technologies, and best practices.

· Strong analytical skills and attention to detail, with the ability to analyze complex data and identify patterns and trends.

· Excellent organizational and communication skills (both oral and written).

· Understanding and background with Intrusion Detection Systems and SIEM products.

· Understanding and background with security specific standards for firewalls and networking.

· Excellent time management skills.

· Ability to present and explain complex technical topics, problems, alternative solutions to others.

· Interpreting Vulnerability Assessments.

· Knowledge and security testing procedures for Operational Technology OT, Industrial Control Systems ICS and Supervisory Control and Data Access SCADA technologies.

A very generous benefit package accompanies job offer, although relocation services are not provided. Please, no phone calls. Candidates are requested to complete an application found online. Employment applications will be accepted through July 8, 2024.