Job Description

At Dominion Energy we love our jobs. Thats right. Love. Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate. These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever. We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company thats proud of its rich legacy. Are you a change agent? Do you think differently? Do you want to fall in love with your job? If you answered yes, then read on!

At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.

Job Summary

Dominion Energys Power Generation Business Unit seeks a Generation Cyber Security Senior Analyst with experience in computer and network security in Industrial Control System (ICS) environments to support the Power Generation Station (non-nuclear).

This position is located at Dominion Energys 600 Canal Place location in Richmond, Virginia.

Job Summary & Responsibilities:

The successful candidate will be able to provide the support noted below in accordance with standards, best practices, and regulatory requirements, for the operating units and auxiliaries:

1. Oversee and provide ongoing support for the Industrial Control System (ICS) cyber security systems and program.
2. Oversee the support and management of and proficiently utilize cyber security systems deployed in protection of ICS/DCS/PLC/SCADA assets, including asset inventory systems, change management, network intrusion detection, file security, anti-virus, whitelisting, SIEM, WSUS, backup/restore, and firewall rule development along with review and investigation of system event logs.
3. Recommend, support, and lead the implementation of architectures necessary to maintain Power Generations cyber security and compliance posture.
4. Implement and Manage System installations, modifications, and integration of communication programs and cyber tools in support of secure ICS data and control communications.
5. Perform computer (hardware/software) and network switch installations, modifications, and replacements as needed.
6. Serve as a cyber security team member and uphold responsibilities in support of the fleet and related project implementations.
7. Perform firewall rule reviews and investigation.
8. Coordinate with Power Generation Corporate Cyber Security and IT for enterprise firewall rule change requests as needed.
9. Follow policy, procedures, and Power Generation Corporate Cyber Security guidance.
10. Provide monitoring, surveillance, and troubleshooting of cyber security systems.
11. Support and/or lead for cyber security event investigation in coordination with Incident Response Team.
12. As needed: review, analyze, and investigate logs, events, and alerts for potential security breaches and follow incident response procedures.
13. Develop procedures for review by the corporate Cyber Security lead and/or compliance group.
14. Support deployment of cyber security equipment patches and upgrades recommended by the Corporate Cyber Security Lead in accordance with policy and procedures.
15. Review industry guidance for cyber security, identify gaps in cyber security controls and recommend/implement technical or administrative solutions to remediate.
16. Review change management records and design change packages for cyber security compliance and impacts.
17. Address and resolve ICS-CERT vulnerabilities in coordination with Power Generation Regulatory Compliance (PGRC) and station cyber security personnel.
18. Ensure system drawings and documentation are revised as needed.
19. Verify that corporate and station managed projects follow approved cyber security practices.

Relocation assistance can be offered to the successful eligible candidate.

Required Knowledge, Skills, Abilities & Experience

1) At least five years of experience in IT/OT cyber security, system administration, networks, firewalls, and management of Windows operating systems security - or - 7 years of a combination of this experience and ICS experience.

2) Must have a hands on understanding of cyber security processes and technologies including,

Security technologies such as network intrusion detection systems, logging and monitoring tools, antivirus tools, whitelisting, malware prevention, incident response tools, asset inventory systems and security analytics platforms;
Incident analysis, root cause analysis, and problem resolution
An understanding of industrial control system networks, switches, and firewalls, and the differences from IT systems when applying cyber security controls on OT systems.
An understanding of workstation and server security and protection
Experience in security aspects of multiple platforms, operating systems, software, communications, and network architecture and topologies.
Network devices

Other requirements:

1) Strong level of understanding of IT/OT security principles, technologies, best practices, and NIST ICS guidance.
2) Excellent analytical and problem solving skills. Ability to work independently and in a team environment to identify errors, pin point root causes, and devise solutions with minimal oversight.
3) Ability to coordinate multi-project assignments and manage deadlines.
4) Strong Microsoft/Cisco system administration experience.
5) Strong leadership and interpersonal skills;
6) Strong verbal and written communication skills;

Preferred Skills:

Systems Security Certified Practitioner (SSCP)
Certified Information System Security Professional (CISSP)
Familiarity with Industrial Control Systems (DCS, PLC, SCADA) and third-party datalink protocols (e.g. Modbus, DNP, ABPLC).
Microsoft Certifications

Note: A partial year of related work experience of 6 months or more rounds to one full year of qualifications.
The company is actively seeking United States military veterans and service members who meet the qualifications.
Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined.

Education Requirements

Preferred: Bachelor
Computer Science
Electrical Engineering
Information Technology
Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description

Systems Security Certified Practitioner (SSCP) preferred

Certified Information System Security Professional (CISSP) preferred

Working Conditions

Office Work Environment 76 -100%

Travel 51-75%

Other Working Conditions

Test Description

No Testing Required

Export Control

Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.

Other Information

We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more. To learn more about our benefits, click here dombenefits.com.

Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.

You can experience the excitement of our company it's the difference between taking a job and starting a career.