Plant Operations Cyber Security Specialist

This position ensures the execution of the security services and CIP compliance for generating plants and will be responsible for maintaining inventories, configuration baselines, security logging, and patching. This position will also work with compliance and controls personnel to implement and maintain the program and serve as the primary contact for the services.

*Ensure compliance with all NERC-CIP Standards at NRG's facilities.

*Primary responsibility for CIP compliance at assigned site.

• Create and maintain compliance or operational procedures as required.

*Be the lead for all CIP-related Physical and Electronic Access Control for the identified site.

*Be the primary contact for issues with physical security at all assigned sites for physical security parameters, including verifying those needing access, response to breaches, and security system failures.

*Determination, verification, and justification of all open ports and enabled services on Cyber Assets.

*Assessment of security patches and updates for all Cyber Assets.

*Deployment or mitigation of required security patches and updates to all Cyber Assets.

* Ensure that Cyber Assets are protected by Antivirus/Antimalware applications; update as required.

* Ensure required logging and alerting of Cyber Assets is functional; respond to detection of various types of alerts or breaches.

*Be the administrator for personnel needing electronic access, both local and remote, to Cyber Assets.

*Follow NRG's Policy and Procedure for reporting Cyber or Physical Security Incidents. Assist in testing the Incident reporting procedure annually.

*Perform and verify backups of Cyber Assets.

*Create and maintain disaster recovery procedures and assist with performance

• Follow and assist others in following the NRG Policy and Procedures for Change Management.

*Perform Cyber Vulnerability Assessments as needed.

*Provide accurate documentation for all NERC evidence requirements; complete evidence collection tasks in NRG's workflow program in a timely manner.

*Assist with Compliance Requirements at other sites in the region as needed as well as being available to assist team members at other sites across the NRG fleet if needed.

*Work with team members on projects and new, innovative ideas.

*Working with various teams, prepare evidence needed for NERC Audits.

*Maintain great working relationships with site personnel and other teams.

*Some travel required- approximately 10-20%.

*Other duties as required.

*Work in an open office or power plant environment

*Work overtime and non-standard working hours as directed

• Three (3) or more years of experience in Cyber Security, NERC-CIP Compliance, and/or Power Generation or Transmission.
• Experience working with Distributed Control Systems (DCS).
• Knowledge of OT Technologies and Balance of Plant (BoP) Systems.

*Experience in the concepts of protection of assets using Antivirus/Antimalware, applying security updates and security monitoring.

*Experience in maintaining Windows-based servers and workstations including configuration, patching, and anti-malware

*Good working knowledge of Windows (Access, Word, and Excel), Visio, and Unix as related to both, servers and workstations.

*Working knowledge of Unix/ Linux Operating Systems.

*Working knowledge of network equipment such as firewalls, switches, and routers.

• Cybersecurity certifications such as CISSP, CISA, Security+
• NERC-CIP experience and knowledge of NERC-CIP Standards and Requirements.

• Knowledge and/or experience working with Distributed Control Systems (DCS).
• Knowledge of OT Technologies and Balance of Plant (BoP) Systems.
• Experience using vulnerability scanning tools.
• Experience provisioning and maintenance of PACS.
• Administration experience of Windows and as related to both servers and workstations.

• Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.

• Demonstrated ability to work independently and as a team member.

• Demonstrated ability to set priorities and respond to changing demands.

• Ability to exercise discretion and independent judgment in applying established techniques, procedures, or standards; demonstrated ability to maintain confidentiality.

*Socialize innovative ideas with the team and others.

*Performs moderately complex work assignments under minimal supervision.

*Works to resolve moderately complex issues, and seeks guidance from team members on escalated issues.

*Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.

*Demonstrated ability to work independently and as a team member.

* 1 year or more of experience with system management (patching, troubleshooting, administration)

* Demonstrated ability to set priorities and respond to changing demands.

*Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards; demonstrated ability to maintain confidentiality.

NRG Energy is committed to a drug and alcohol-free workplace.To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Vet/DisabilityLevel, Title and/or Salary may be adjusted based on the applicant's experience or skills.Official description on file with Human Resources.