Information Systems Security Engineer

_JS POSITION RESPONSIBILITIES

• Provide technical expertise on control center and field infrastructure security architecture and management for control center and field infrastructure systems and related matters.
• Applies a broad knowledge of power system operations and associated control center and field systems including knowledge of security and regulatory ( FISMA and NERC CIP) as it pertains to compliance computer networks, user interfaces, system software, data acquisition, telecommunications, substation field equipment, and related computer hardware areas.
• Provide Information System Security Officer support and technical expert for the BPA control center and field General Support Systems and programs by providing expert technical advice, guidance, and recommendations to management and other technical and security specialists on critical operational issues relating to control center control and field infrastructure and data systems including the upgrade and enhancement of all systems in the two critical BPA control centers and field locations.
• Recommend security strategies in the development of system, software and hardware architectures, technical plans and specifications, system designs, software designs, integration plans, test plans, and project plans.
• Advises other OT experts and security practitioners throughout the control centers and field on a variety of situations and issues that involve applying or adapting new security technology theories, concepts, applications, standards, and/or practices.
• As the control center and field infrastructure security architect and expert, serve as the project security/compliance lead, on assigned projects, for an interdisciplinary project team of electrical engineering and operational technology staff assigned to execute on the most complex control center and field system projects.
• Verifies that the project plans conform to applicable organizational, agency and external security and compliance standards, policies and guidelines.
• Provide technical expertise and assistance with the recommendation, development and implementation of BPA management-approved operational cyber security and compliance strategies, processes, guidelines, and projects to safeguard critical cyber assets.
• Provide technical input, recommendations and assistance with the implementation of both higher and granular-level cyber security approaches, methods and solutions that incorporate and maintain compliance to requirements resulting from laws, regulations, or Presidential directives.
• Develop / draft, recommend and execute BPA management-approved testing plans, report results and recommendations.
• Provide security engineering expertise and recommendations.
• In collaboration with the BPA manager and per established procedures, develop a cyber-security architecture for the BPA control centers to include accurate, comprehensive applicable documentation.
• Perform detailed and comprehensive security event analysis.
• Provide guidance and input into technical reviews of proposed projects, and BPA's system security authorization processes.
• Provide technical input and support to the Continuous Assessment and Monitoring Program.
• Draft and recommend detailed project plans, timelines, milestones and objectives for upgrades, patches and other changes and/or for monitoring security measures for the protection of OT computer networks and information.
• Perform risk assessments and execute tests of data processing systems to validate functioning of data processing activities and security measures.
• Validate appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
• Coordinate, facilitate and assist with general support systems and major applications' security and compliance projects and program changes and initiatives that:
  Are designed to anticipate, assess, and minimize system vulnerabilities and weaknesses. Integrate across disciplines, platforms and internal organizations; (people, processes, systems) . Under the direction and leadership of BPA Management
• Recommend the scope and level of detail for system security plans and collaborate and assist with draft…