Competitive Power Ventures, Inc. (“CPV”), with headquarters in Silver Spring, MD, and offices in Braintree, MA and Sugar Land, TX, is uniquely positioned to leverage global technology and financial partnerships to help modernize America’s power generation. We are driven to improve our energy infrastructure by developing and operating power generation facilities using cutting edge, domestically available natural gas and renewable power technology. CPV is owned by OPC Energy, the first privately held electric company in Israel.
CPV is seeking a Network Security Engineer to join our Information Technology Department in our Silver Spring, MD office.
The Network Security Engineer will identify threats and vulnerabilities in systems and software, applying company security policies and procedures to continue developing and implementing high-tech solutions to defend against hacking, malware and ransomware, insider threat
s, and all other forms of cybercrime. The candidate must have a strong technical background in IT systems and firewall/network security, along with superior analytical and problem-solving skills. Additionally, this candidate must be capable of interacting directly with plant personnel at all staffing levels. The candidate will have a deep understanding of the current cyber threat industry and have a willingness to learn about and actively support Operational Technology (OT).
Summary of Responsibilities
- Deploying, configuring, managing, and monitoring cybersecurity applications (i.e., MDR, IDS, SIEM) both hardware and software across the CPV plant fleet networks
- Troubleshoot network security-related problems and work with plant Managed Service Provider (MSP) to implement global fixes if the problem is determined to be systemic
- As an Incident Manager, and member of the CSIRT, serve as first responder to gather information on cybersecurity events, following established security protocols and notifying appropriate personnel.
- Testing and identifying network and system vulnerabilities through penetration tests, and vulnerability scans
- Lead tabletop exercises and relevant phishing campaigns to regularly test personnel and provide additional training for those that need it
- Proactively remediate vulnerabilities identified by 3rd parties including OEMs, vendors, and threat repositories such as MS-ISAC and CVE
- Ensure that the organizations data and infrastructure are protected by upholding security policies, reviewing best practices, and making recommendations
- Oversee firewall configuration changes, patch management, and perform regular reviews of firewall rules to ensure they meet security requirements
- Work with MSP and application vendors to complete regular security checks on systems to identify visibility loss through downed sensors or failed hardware appliances, remediating as required
- Use available security solutions suite to hunt for cyber threats within each network environment, then work with appropriate vendor for remediation
- Evaluate known threats and vulnerabilities and make recommendations if additional security controls are needed to safeguard the environment
- Perform daily administrative tasks, reporting, and communication with cyber security manager as well as plant personnel
- Operate security controls and notifications within local state & federal government requirements as well NERC CIP standards (low & medium impact)
- Willingness to serve as Tier 1 SCADA Help Desk in a limited capacity (training provided)
- Bachelor’s Degree or equivalent education in Cybersecurity, Computer Science, Information Systems, Information Security & Assurance, Information Technology, Engineering, or related field
- Five or more years of IT systems, networking, and network security experience • Two years or more experience with incident detection, incident response, and forensics • Experience with Firewalls (functionality and maintenance), Office 365 security, Hyper V, VMware, and Endpoint security.
- Windows Server Active Directory experience
- Proficiency in Python, C++, Java, Ruby, and/or Power Shell.
- CCNA equivalent or better required, CEH or CompTIA Security+ are a plus
- Current knowledge and experience with NERC CIP Reliability Standards is a plus
- Must be able to lift and carry up to 25 lbs.
- Excellent written and verbal communication skills
- Ability to communicate effectively with various internal and external stakeholders, at all staffing levels
- Detailed-oriented, organized, and able to effectively prioritize responsibilities in a fast-paced environment
- Willingness to travel up to 50% of time to the plants and other CPV locations
- Exhibit a professional demeanor that aligns with our core values
- Must pass a pre-employment criminal background check and financial credit check
CPV holds all employees to the highest ethical standards and is committed to conducting business with integrity, transparency and honesty to ensure our success.
CPV is an Equal Opportunity Employer.
Posted: December 22, 2022
Location: Silver Spring, MD