Enterprise Security Analyst, Progression

Title: Enterprise Security Analyst, Progression 
Company: Tampa Electric Company
Location: Ybor Data Center 
State and City: Florida  -  Tampa
Shift: 8 Hr. X 5 Days

Hiring Manager:  James P Boykins

Recruiter: Mark E Koener 

TITLE:    Enterprise Security Analyst (Progression)
PERFORMANCE COACH:     Enterprise Security Lead
COMPANY:    TECO Services Inc.
DEPARTMENT:    Information Security

This is a multi-level position and the salary range for this position varies and is commensurate with skills, experience, and education.

POSITION CONCEPT
The Enterprise Security Analyst is responsible for ensuring the integrity of the company’s information resources at the network, operating system, and application levels by researching, recommending, and developing security architecture, as well as leading the implementation of appropriate technical and procedural solutions.   

The scope of responsibilities includes all network infrastructure, operating systems, database, hosted solutions, and web server platforms throughout TECO Energy and its subsidiaries. Integral to the position are the following responsibilities:  this position necessitates a solution orientated problem-solver with demonstrated knowledge of Information Security best practices. Protecting company and client technology, data assets, and ensuring compliance with regulatory and contractual requirements. Analyzes risk, establishing  appropriate security controls and responding to potential threats.

Please keep in mind that these are the minimum requirements for an Enterprise Security Analyst position. This position does have various levels, so if an applicant meets more of the preferred skills, they may qualify for a higher-level position within the Enterprise Security Analyst job family

Enterprise Security Analyst 
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.  Designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.  Maintains security by monitoring and ensuring compliance to standards, policies, and procedures.

PRIMARY DUTIES AND RESPONSIBILITIES 
1.    Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements. (30%)  

2.    Provide and apply appropriate security consulting and support for enterprise projects, requires knowledge across multiple platforms (Firewalls, Database, Operating Systems, Cloud Based, and on premise applications). (30%) 

3.    Ensure the integrity and protection of networks, systems, database, applications, hosted solutions and corporate asset by technical enforcement of organizational security policies. Recommends necessary operating system and network controls to meet state, industry, and federal other regulations (SOX, PCI-DSS, Florida Privacy, PCI-DSS) (10%)

4.    Participate in the creation and delivery of Information Security awareness training throughout the organization. (10%)

5.    Contribute to the creation and maintenance of information security policies, documentation, standards, baselines and guidelines. (10%)

6.    Perform research and analysis on an ongoing basis to ensure the Information Security team remains up to date regarding the latest threats, and all other forms of Information Security events. (10%)

RELATIONSHIPS

Key Internal:    Will engage multiple Information Technology groups and business units. Interactive engagement will require communication with individual contributors, middle management and executive management.

Key External:     Will engage external contacts including vendors, contractors, regulatory agencies industry associations, and other utility partners.
        

QUALIFICATIONS

Education

Required:     Bachelor’s Degree in Computer Science, Information Systems or other Information Technology related field.  (In lieu of Bachelors degree, a High School Diploma and 8 years of related Information Technology experience may be considered). 

Licenses/Certifications

Preferred:    CISSP, ITILv3, and two related Information Technology Security professional or vendor certifications (ex: CEH, CSSA, GIAC, etc.)

EXPERIENCE
 

Related Experience 

Required:  4 years of practical technical experience in an Information Technology role, Information Systems Audit role, or Information Security role. (In lieu of a Bachelor’s degree, a High School Diploma and 8 years of related Information Technology experience may be considered).

Knowledge/Skills/Abilities (KSA) 

Required: 
•    Ability to determine security requirements by evaluating business strategies and requirements; researching information security standards; studying architecture/platform; and identifying integration issues.
•    Knowledge of Internet protocols, communication protocols, data and network security, and network monitoring tools.
•    Knowledge of encryption technologies and techniques (certificates, PKI, Data Loss Prevention, multi factor authentication) and best practices.
•    Knowledge of various Operating system and Database security hardening controls and best practices. 
•    Anticipates, recognizes and resolves issues to prevent, reduce or otherwise mitigate Information Technology risk.
•    Time and project management skills, ability to deliver in a fast paced environment.
•    Maintains current knowledge of relevant technology as assigned.
•    Excellent verbal, written and presentation skills.
•    Strong interpersonal skills and ability to interface with all levels of management.

Preferred:    
•    Knowledge of NIST 800 Cyber Security Standards, PCI DSS and Sarbanes-Oxley as well as other evolving security and privacy regulations
•    Experience in development and implementation of a risk based approach security controls, risk statements, and countermeasures that meet the requirements of the business as well as the information security policies.
•    Knowledge of major security technologies (Firewalls, IDS/IPS, Anti-Virus, SIEM, and DLP, IAM)
 

TECO offers a competitive Benefits package!!

Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage  *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!

STORM DUTY REQUIREMENTS....Please make sure to read below!!!  Responding to storms will be considered a condition of employment.

TECO Energy and its companies serve a role in providing critical services to our community during an emergency. Team members are required to participate in the response/recovery activities related to emergencies/disasters to maintain service to our TECO Energy customers. Team members are required to work in their normal job duties or other assigned activities. Proper compensation will be made in accordance with the company's rules and procedures.

TECO Energy is proud to be an Equal Opportunity Employer.

TECO Energy is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by law, except where physical or mental abilities are a bona fide occupational requirement and the individual is unable to perform the essential functions of the position with reasonable accommodations.

In order to provide equal employment and advancement opportunities for all individuals, employment decisions at TECO Energy will be based on skills, knowledge, qualifications and abilities.

Pay Transparency Non-Discrimination Statement
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

ADA policy
It is the policy of TECO Energy to provide reasonable accommodation for all qualified disabled individuals who are employees and applicants for employment, unless it would cause undue hardship. The corporation will adhere to applicable federal and state laws, regulations and guidelines, including, but not limited to the Americans with Disabilities Act (ADA) of 1990 and section 503 and 504 of the Rehabilitation Act of 1970s.

Application accommodations
Applicants may request reasonable accommodation in the application process five business days prior to the time accommodation is needed.

Pre-employment physical exams may be required for positions with bona fide job-related physical requirements regardless of disability.