Share this Job

Cyber Security Specialist (Varies)

Date: Jan 9, 2021

Location: Ybor City, Florida, US, 33605

Company: TECO

Title: Cyber Security Specialist (Varies)   
Company: Tampa Electric Company
State and City: Florida   -  Ybor City (Remote Opportunities Available!)
Shift: 8 Hr. X 5 Days

 

Power up a career with us. Our people are our greatest investments. 

 

Be the light to help us keep our customers connected.  If you are interested in a career and not just a position, Tampa Electric is the place to be! Tampa Electric offers competitive pay, a comprehensive benefits package and opportunities for growth and development in a friendly and professional work environment. We embrace diversity and the inclusion of all. We believe our differences, unique perspectives and talents are our strengths and integral to the success of our company.

 

We’re honored to serve approximately 780,000 customers across West Central Florida and safely provide them with clean, affordable and reliable electricity. We’ve been doing it for more than 100 years, and there’s so much more ahead.  

 

Join our team of energy experts as we build on that legacy through innovation, continued solar investments, cost-effective and sustainable energy solutions all while keeping top-notch customer service at the center of all we do. 

 

Tampa Electric is a subsidiary of Emera Inc., a family of energy companies which also includes TECO Peoples Gas and New Mexico Gas Company. Emera provides energy to residential and commercial customers in the United States, Canada and the Caribbean, with career opportunities available in all of these locations. 

 

*Candidates may qualify in this multi-graded position as a Cyber Security Specialist to Senior level based upon skills, experience, and education.  Consideration for higher level position will require more experience directly related to the duties of the job in addition to meeting more of the preferred qualifications and requires more independent judgment, accountability and oversight, leadership and/or subject matter expertise in performance of this position.

 

POSITION CONCEPT:

The Cyber Security Specialists are responsible for monitoring the company’s information security systems, ensuring that all procedures are followed on a daily, weekly, monthly, and annual basis.  Additionally, this position provides expert-level support, within a team environment, for systems used to monitor and protect the enterprise assets.  Also tasked with detecting, analyzing, and responding to any suspicious cyber security activity across TECO/Emera business and operational networks.  The scope includes all network infrastructure, operating systems, and web server platforms throughout TECO Energy and its subsidiaries.

Cyber Security Specialists develop and possess an in-depth understanding of exploits (e.g., malware) and vulnerabilities, resolving issues by taking the appropriate corrective action, or following the appropriate escalation procedures.  This entails proactively identifying and assessing threats to TECO’s network and data, monitors TECO’s network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.  The responsibilities include assessing enterprise assets to include critical assets for secure configurations and maintaining and enforcing regulations regarding NERC Critical Infrastructure Protection (CIP), Sarbanes-Oxley (SOX), PCI, and corporate information security standards.

 

WORKING CONDITIONS

Normal working conditions with occasional extended hours during the week and weekends including on-call rotational support.

 

DUTIES AND RESPONSIBILITIES:

  • Monitor and respond to security threats and/or events generated by various security monitoring tools/technologies for the enterprise network.  Determine if anomalies are actual system compromises.  Escalate significant threats/events to 2nd or 3rd tier support for deeper analysis.  This is to ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
  • Conduct digital forensics by collecting computer/network-related evidence in support of policy violations, criminal activity, fraud, and in response to threat intelligence, law enforcement investigations, or information technology (IT) audit efforts (NERC CIP, SOX, PCI, etc.).  Additionally, conducts malware analysis to gather relevant indicators of compromise (IOCs) for active hunting and continuous monitoring for installed toolsets
  • Translates all applicable standards and requirements (NERC CIP, NIST 800-171, NIST 800-53, PCI-DSS, SOX, etc.) into appropriate systemic and procedural solutions to enable compliance adherence.  Coordinate and communicate necessary actions to maintain compliance with applicable internal and regulatory standards.  Assist in the development and enforcement of company policies, procedures, desk level procedures, disaster recovery plans, processes, plans and standards that support and facilitate governmental and regulatory compliance.  Assist in the development of management responses to internal/external government and regulatory audits and data requests in conjunction with respective management and staff
  • Evaluate the effectiveness of in-place security controls to constantly strengthen the overall security posture.  Recommend implementation of counter-measures or mitigating controls as well as contribute to design, implement, and maintain security tools, systems, and technologies leveraged by the CSOC or NERC CIP program
  • Monitor external event sources for security intelligence and actionable incidents
  • Develop and maintain threat/risk metrics, security processes, and desk level procedures

 

EDUCATION, (LICENSES AND CERTIFICATIONS):

Required: Valid High School Diploma or valid GED 

Preferred: An accredited Bachelor’s Degree in Computer Science, Information Systems, or other IT related discipline

 

Licenses/Certifications

Required:  From the list of certification vendors, one related Information Security professional

certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.).

Preferred:  ITIL v3 and one or more of the following or similar Information Security professional

certifications (ex: ACE, CCE, CEH, CISA, CISM, CISSP, CRISC, EnCE, GCCC, GCDA, GCED,

GCFA, GCFE, GCIA, GCIH, GCWN, GICSP, GMON, GNFA, GPEN, GPPA, GREM, GWAPT,

GXPN, OSCP, SCCP).

 

EXPERIENCE:

Required: A minimum 5 years of related Cyber Security, IT, or Technical (hands-on networking, telecommunications [radios, satellites, communications, etc.], hardware, software) experience.  In lieu of some experience listed above, may consider 3 years related experience with a Bachelor’s Degree in Computer Science, Information Systems or other IT related discipline.

 

KNOWLEDGE/SKILLS/ABILITIES:

Required:

  • Good working knowledge of major operating system security (Windows, Mac OS, Linux/Unix), web server security, and network security
  • Good working knowledge of major security systems and functions for incident response, monitoring and forensic activities: Firewalls, IDS/IPS, Antivirus/Antimalware, SIEM, Incident Response, Threat Prevention, Web/Application Control Filtering, Email Filtering, NetFlow Analysis, Endpoint Security, Configuration and Change Management, File Integrity Monitoring, and DLP
  • Good working knowledge of log, network, and system forensic investigation techniques
  • Basic working knowledge of networking protocols and systems administration
  • Basic working knowledge of identifying and capturing indicators of compromise and methods for detecting them within incidents
  • Basic working knowledge with packet analysis and malware analysis
  • Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
  • Good analytical and risk assessment skills as well as strong listening, written and computer communication skills for reporting and auditing purposes

Preferred:

  • Good working knowledge of major security systems and functions for incident response, monitoring and forensic activities: Firewalls, IDS/IPS, Antivirus/Antimalware, SIEM, Incident Response, Threat Prevention, Web/Application Control Filtering, Email Filtering, NetFlow Analysis, Endpoint Security, Configuration and Change Management, File Integrity Monitoring, and DLP
  • Good working knowledge of networking protocols and systems administration
  • Good working knowledge of identifying and capturing indicators of compromise and methods for detecting them within incidents
  • Good working knowledge with packet analysis and malware analysis
  • Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI
  • Basic knowledge of penetration testing technologies and procedures
  • Basic knowledge with reverse engineering malware
  • Strong analytical and risk assessment skills as well as strong listening, written and computer communication skills for reporting and auditing purposes

 

LEADERSHIP COMPETENCIES

  • Champions Safety, Health and the Environment
  • Takes Ownership and Acts with Integrity
  • Drives Business Excellence for Customers
  • Builds Collaborative Relationships
  • Develops People and Teams
  • Cultivates Innovation and Embraces Change
  • Thinks Strategically and Exercises Sound Judgment

 

TECO offers a competitive Benefits package!!

 

Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage  *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!

 

 

STORM DUTY REQUIREMENTS....Please make sure to read below!!!  Responding to storms will be considered a condition of employment.

 

TECO Energy and its companies serve a role in providing critical services to our community during an emergency. Team members are required to participate in the response/recovery activities related to emergencies/disasters to maintain service to our TECO Energy customers. Team members are required to work in their normal job duties or other assigned activities. Proper compensation will be made in accordance with the company's rules and procedures.

 

TECO Energy is proud to be an Equal Opportunity Employer.

 

TECO Energy is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by law, except where physical or mental abilities are a bona fide occupational requirement and the individual is unable to perform the essential functions of the position with reasonable accommodations.

 

In order to provide equal employment and advancement opportunities for all individuals, employment decisions at TECO Energy will be based on skills, knowledge, qualifications and abilities.

 

Pay Transparency Non-Discrimination Statement


The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

 

ADA policy


It is the policy of TECO Energy to provide reasonable accommodation for all qualified disabled individuals who are employees and applicants for employment, unless it would cause undue hardship. The corporation will adhere to applicable federal and state laws, regulations and guidelines, including, but not limited to the Americans with Disabilities Act (ADA) of 1990 and section 503 and 504 of the Rehabilitation Act of 1970s.

 

 

Application accommodations


Applicants may request reasonable accommodation in the application process five business days prior to the time accommodation is needed.

 

Pre-employment physical exams may be required for positions with bona fide job-related physical requirements regardless of disability. 


Nearest Major Market: Tampa

Job Segment: Telecom, Telecommunications, Engineer, Information Systems, Linux, Technology, Engineering