Share this Job

Senior Cyber Security Analyst - Power Generation Controls and Operational Technology (Richmond, VA)

At Dominion Energy we love our jobs.  That’s right.  Love.  Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate.  These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever.  We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent?  Do you think differently?  Do you want to fall in love with your job? If you answered “yes,” then read on!

 

"The company is actively seeking United States military veterans and service members who meet the qualifications outlined below.”


At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.

 

Job Summary

Dominion Energy’s Power Generation Business Unit seeks a Generation Cyber Security Senior Analyst to support the Power Generation fleet (non-nuclear) with computer, communications, and network security in Operational Technology (OT) Industrial Control System (ICS) environments and ICS Cyber Security environments.  This position is located at Dominion Energy’s Thomas F. Farrell II Building, 600 E. Canal Street, Richmond, Virginia.


The successful candidate will be able to provide the support noted below in accordance with standards, best practices, and regulatory requirements, for the operating units and auxiliaries:

 

  • Provide ongoing support and oversight for the Industrial Control System (ICS) cyber security systems.  (ICS e.g.: Distributed Control Systems “DCS”, Programmable Logic Controller systems “PLC”, SCADA).
  • Proficiently utilize, manage, and support cyber security systems deployed in protection of ICS assets, including inventory systems, change monitoring, network intrusion detection, file security, anti-virus, whitelisting, SIEM, WSUS, backup/restore, and network device management.
  • Recommend and support the implementation of architectures necessary for Power Generation’s cyber security and compliance posture.  
  • Implement and manage system installations, modifications, and integration of communication protocols, programs, and cyber tools in support of secure ICS data and control communications.
  • Provide hands support with computer, software, and network device implementations, security hardening, modifications, updates, patches, troubleshooting, and replacement.
  • Research, develop, and implement cyber security architectures and communications necessary to maintain the plant cyber security and compliance posture.
  • Serve as a cyber security team member and uphold responsibilities in support of the fleet and related cyber security project implementations and initiatives. 
  • Develop and implement secure software and network communication architectures to support data and access communication needs.
  • Provide firewall rule development, review, and investigation.
  • Coordinate with Power Generation Cyber Security and Information Technology (IT) Groups for enterprise firewall rule change requests as needed.
  • Provide monitoring, surveillance, and troubleshooting of ICS cyber security systems.  
  • Support cyber security event investigation in coordination with the Incident Response Team.
  • As needed: review, analyze, and investigate logs, events, and alerts for potential security breaches.
  • Monitor cyber security best practices, industry trends, and regulatory requirements while identifying gaps in cyber security controls and recommend/implement technical or administrative solutions to remediate.  
  • Follow policy and procedures established by Power Generation Regulatory Compliance and Corporate Cyber Security. 
  • Develop specific procedures and support deployment of cyber security equipment patches and upgrades in accordance with policy.
  • Review and approve change management and design change packages for cyber security and compliance impacts.  
  • Address and resolve ICS-CERT vulnerabilities in coordination with compliance and station personnel.
  • Develop technical procedures and guidance documents.
  • Ensure system drawings and documentation are revised as needed.
  • Act as a mentor to other staff members to broaden knowledge and technical expertise across the team.
     

Required Knowledge, Skills, Abilities & Experience

 

Required experience: 5+ years of experience in operational technology cyber security, system administration, networks, firewalls, and management of Windows operating systems security (Note: A partial year of related work experience of 6 months or greater will be considered one year towards the qualifications; A an advanced degree can count as one year experience)

 

Must have a ‘hands on’ experience/understanding utilizing cyber security processes and technologies including:

  • Cyber security technologies such as network intrusion detection systems, logging and monitoring tools, antivirus tools, whitelisting tools, malware prevention tools, incident response tools, asset inventory systems and security analytics platforms
  • Incident analysis, root cause analysis, and problem resolution
  • An understanding of industrial control system networks, switches, and firewalls, and the differences of these OT systems from IT systems when applying cyber security controls.
  • Strong experience with workstation and server security, protection, and software.
  • Experience in security aspects of multiple platforms, operating systems, software, communications, and network devices, architectures and topologies.
  • Strong Experience with Network devices (network switches, firewalls, routers)

 

Other requirements:

  • Strong level of understanding of security principles, technologies, best practices, and NIST ICS guidance.
  • Excellent analytical and problem solving skills.  Ability to work independently and in a team environment to identify errors, pin point root causes, and devise solutions with minimal oversight.
  • Ability to coordinate multi-project assignments and manage deadlines. 
  • Strong Microsoft/Cisco system administration experience.
  • Strong leadership and interpersonal skills;
  • Strong verbal and written communication skills
  • Ability to successfully work both independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.

 

Preferred Skills:

  • Systems Security Certified Practitioner (SSCP)
  • Certified Information System Security Professional (CISSP)
  •  Familiarity with Industrial Control Systems (DCS, PLC, SCADA) and third-party datalink protocols (e.g. Modbus, DNP, ABPLC
  • Strong Microsoft/Cisco system administration experience.
  • Microsoft Certifications
  • Network Certifications

 

*The company is actively seeking United States military veterans and service members who meet the qualifications.
• Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined.

Education Requirements

Required: Bachelor Degree

Preferred Disciplines:
Computer Science
Engineering
Other Bachelor of Engineering or Science disciplines may be substituted for the approved disciplines stated above at discretion of the hiring manager

Licenses, Certifications, or Quals Description

  • Systems Security Certified Practitioner (SSCP) preferred
  • Certified Information System Security Professional (CISSP) preferred
  • Microsoft Certifications – MCSA, MCSE, MCA
  • Linux Certifications – RHCSA, RHCE, RHCA, LPIC-1, LPIC-2
  • Firewall Certifications – Fortinet NSE4, 5, 6, 7, 8, PCCET, PCNSA, PCNSE
  • Network Certifications - CCNA, CCNP, CCIE, RHCSA, RHCE, RHCA
  • Security Certifications - OSCP, eCPPT, CISSP, SSCP
  • GIAC Certifications – GICSP, GRID, GCIP, GCIH, GCIA, GCFE, GPEN, GSEC

#Dice

Working Conditions

Cold Up to 25%
Dust / Grease / Oil Up to 25%
Heat Up to 25%
Loud Noise Up to 25%
Operating Machinery Up to 25%
Travel 51-75%

Other Working Conditions

Test Description

No Testing Required

 

Export Control


Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law.  Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.

 

Other Information


We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more.   To learn more about our benefits, click here dombenefits.com.

Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.  

You can experience the excitement of our company – it's the difference between taking a job and starting a career.

Top 3 Reasons to Work at Dominion Energy

There are many reasons to work at Dominion Energy, but below are the top three employees have shared with us. Click on each of the links to learn more!

1. Safety Centric Work Environment
2. Generous Pay and Benefits
3. Collaborative & Inclusive Culture

About Dominion Energy

I am your warm cup of coffee in the morning and I light your home at night. I am the cool breeze from your A/C on the hottest day in summer, and the red coil that heats your soup pot on a frigid winter’s day. I am sustainable, reliable and affordable.
 
I am not just any energy… I am Dominion Energy.
 
We're transforming the way we do business to build a more sustainable future for the planet, our customers, our team and our industry.  We're shaping the future of energy in America.
 
Join us!
 

Facts:
·17,000 employees
·Headquarters: Richmond, VA
·16 states in the US
·$100 billion of assets
·Nearly $35 million in charitable contributions
·100,000+ volunteer hours recorded in the community

Our Commitment to NetZero by 2050

We’ve cut carbon emissions from our electric generation business by approximately 46% (since 2005) and methane emissions from our natural gas business by 38% (since 2010) — and we're just getting started. By growing wind, solar, and renewable natural gas and pursuing innovative technologies, we expect to achieve net zero emissions by 2050. We’ve also committed to reducing the emissions of our suppliers and customers — so we can all move forward together.


Nearest Major Market: Richmond

Job Segment: Testing, Network, Nuclear Engineering, Cisco, Computer Science, Technology, Engineering