IT Security Administrator
Job Summary (Overall Purpose of the Position)
The purpose of the IT Security Administrator is to design, implement, maintain, and monitor the IT security program to protect Midwest Energy’s computer networks from cyber-attacks and help set and maintain security standards. The position ensures that computer systems and networks are monitored for security issues and that protective security software is installed and operating as designed. The position will work to act against cyber-attacks and document events, incidents, or breaches. The IT Security Administrator will work with all members of the IT department to capitalize on each member’s area of expertise in implementing security solutions, policies, and procedures.
Job Duties - Responsibilities – Tasks
- Lead and champion the implementation of the corporate defined security program set forth by the Center for Internet Security (CIS) and defined as the 18 Critical Security Controls (CSC 18) or any other adopted security framework such as NIST, SANS, etc.
- Research current industry cybersecurity best practices. Develop a strategy and lead the implementation of the best cybersecurity practice standards accordingly.
- Prepare and report security metrics (KPIs) at defined intervals based on the adopted cybersecurity framework (CSC 18, NIST, SANS, etc.) and identified baselines.
- Research, prepare, and present enhancements to Administrative Policies, IT Department Policies and departmental procedures to support the implementation and ongoing adherence to the adopted cybersecurity framework.
- Implement and facilitate a cyber security awareness user training program for all Midwest Energy staff. Define, develop and present performance metrics associated to the training to report the progress and performance of the company.
- Monitor computer networks and devices for security issues and compliance with defined security standards including but not limited to missing and installed patches, hardened baselines, hardened software configurations, and known vulnerability mitigations.
- Defend systems against unauthorized access.
- Either directly or by working in conjunction with the Data Center and Network / Telecommunication teams install cybersecurity measures by configuring, supporting, and operating software to protect systems and information infrastructure, including firewalls and antivirus/antimalware and IDS/IPS software.
- Perform active Threat hunting, looking for indicators of threats and indicators of compromise.
- Perform internal vulnerability assessments and plan a strategy for remediation.
- Review and update the Corporate Cybersecurity Incident Response Plan defining the process used to investigate security breaches and other cyber security incidents.
- Act as the IR Coordinator as defined by the Corporate Cybersecurity Incident Response Plan
- Coordinate and/or lead tabletop exercises to test the Incidence Response plan. Revise the IR plan if necessary and review with the team.
- Document security breaches and assess the damage they cause as laid out in the Corporate Cybersecurity Incident Response Plan.
- Coordinate the mitigation and remediation of detected vulnerabilities with the cooperation of applicable IT Department team members to maintain a high security standard.
- Organize an annual penetration test with an outside firm. Work with the other members of the IT Dept. to remediate any weakness.
- Conduct internal penetration tests.
- Assist in the purchase of cybersecurity related IT hardware and software with a special focus on cloud base applications and supply chain issues.
- Stay current on IT security trends, technology trends and security standards through trade magazines, conference participation and webinars.
- Stay current on current IT threats such as malware, ransomware, phishing tests, smishing, etc.
- Alert Midwest Energy employee end users through allusers email or similar communication channel when a new dangerous threat is identified by the cybersecurity community that cannot be mitigated through technology.
- As Midwest Energy is required by the North American Electric Reliability Corp. (NERC) and the relevant Reliability Entity to adhere to internal standards, procedures, and maintenance practices related to Critical Infrastructure Protection (CIP), the Corporate Network and Corporate Data Center infrastructure might, on occasion, be impacted by these compliance standards. This position will assist in the compliance measures as they relate to the Corporate Network and Corporate Data Center infrastructure.
- Promote safe working habits and enforce all safety rules and regulations of Midwest Energy, Inc. Lead by example in safety compliance and take corrective action on safety violations, defective equipment, and any other practice that may adversely affect a safe working environment.
Education and Experience
- Bachelor’s degree in cyber security, computer science, data processing or a related technical field. Alternatively work experience and/or a combination of education and work experience will be accepted.
- CompTIA Security+, Cisco Certified Network Associate and/or Cisco Certified Professional with five years’ experience in Network Operating Systems and Internet applications. Deep and solid understanding in TCP/IP and OSI network models and the ability to troubleshoot network issues.
- Familiarity of Windows Power Shell and Linux bash scripting.
- Five years’ experience working in an IT Department with responsibilities associated to maintaining security operation.
- Experience as an IT security administrator, server administrator, network administrator or similar position is preferred.
- Experience in cloud environment security is preferred.
- Knowledge of electric or gas utility industry is preferred.
- Technical writing experience is desirable, but not required.
- Must be able to pass FBI background check.
- Demonstrated detection and analytical skills.
- Ability to quickly and accurately find a solution to security breaches.
- Demonstrated skills utilizing technology platforms and reporting tools including Linux and Windows.
- Demonstrated skills utilizing project management techniques and methodologies.
- General knowledge and understanding of IT acumen associated to Networking, Telecommunications, PC Support and Database Administration.
- General knowledge and understanding of IT acumen associated to best practice ITIL standards.
- Employee should be able to acquire, within a reasonable time, an understanding of basic utility operations.
- Ability to manage and supervise others in a team environment to facilitate a secure information system environment.
- Ability to prioritize and execute multiple issues simultaneously.
- Demonstrated ability and experience in working independently with minimal supervision.
- Ability to interface effectively and establish effective working relationships with the user community (employees), cross-functional team members, managers, and consultants.
- Demonstrated proficiency in verbal and written communication to correspond with the user community, cross-functional team members, managers, security vendors and consultants.
- Ability to organize and lead end-user training.
- Ability to develop and implement solutions as well as trouble-shoot process, procedure, and software and hardware issues.
- Intermediate-level proficiency in the Microsoft Office Suite including Visio.
- Must hold and maintain a valid Kansas Driver’s License.
Posting Close Date: March 28, 2023
Equal Opportunity Employer