This job was posted by https://www.vermontjoblink.com : For moreinformation, please see: https://www.vermontjoblink.com/jobs/1118173This position is responsible for implementing, supporting, and managingBurlington Electric Departments cybersecurity initiatives and policies.Responsibilities include design and review of security controls,monitoring of internal/external access controls, and implementingsecurity safeguards to protect the confidentiality, integrity, andavailability of information technology (IT) and operational technology(OT) assets. This role will be focused on protecting system boundaries;keeping computer systems, applications and network devices hardenedagainst attacks; as well as monitoring and responding to significantsecurity events ensuring the stability, integrity, and secure operationof critical in-house and cloud-based systems and networks.

　　Union Affiliation: International Brotherhood of Electrical Workers(IBEW)

　　Pay Grade A4: \$65,839.90 - \$107,934.32 Annually

　　Essential Job Functions

　　Plan, implement, manage, monitor, and upgrade security measures for theprotection of the organization\'s data, systems, networks, and securitytools (IDS, IPS, Firewall, VPN, IDP, WAF, DLP, SIEM, Web Proxies, andVulnerability Scanners) for the advanced metering infrastructure (AMI),supervisory control and data acquisition (SCADA)/advanced distributionsystem (ADMS), DMZ, and business computing environments.

　　Work closely and collaborates with the Security Operations Center teamto analyze, investigate, and respond to security incidents, sharingexpertise and insights to enhance the organizations cyber defensestrategy.

　　Lead the design and deployment of group policy to harden endpoints andinfrastructure.

　　Provide consultation to the IT and OT teams in preparation andimplementation of patch management and firmware management.

　　Support other IT staff in managing backup infrastructure, includingtesting and preparation of disaster recovery plans and policies.

　　Detect, investigate, and perform recovery from security incidents, andassist with incident response plans.

　　Conduct threat and vulnerability risk assessments to determine securityrequirements and proactively fix security flaws and vulnerabilities.

　　Conduct analysis of security requirements and controls to identify gapsand provide recommendations of industry best practices, trends, andtechnology products.

　　Support the development of and adherence to policies, standards, andprocedures for data

　　governance and data management.

　　Assist in the identification, evaluation, deployment, and optimizationof security technologies.

　　Design and present annual cybersecurity training to BED staff members.

　　Lead BEDs Cybersecurity Working Group

　　Work closely with other BED teams including IT/Systems, Engineering,System Operations, Generation, and Finance to ensure adequate securitysolutions are in place for all IT and OT systems and platforms tosufficiently mitigate identified risks and meet business objectives.

　　Ensure that the organization\'s data and infrastructure are protected byenabling the appropriate security controls.

　　Provide security design, consultancy, and assessment services andintroduce improvements in technical security standards and securityimplementation patterns and designs.

　　Maintain awareness of latest security risks, analyze potential impact ofnew threats and exploits, and communicate risks to relevant businessunits.

　　Create reports on security incidents and overall enterprise securitystatus.

　　Develop security-related procedures and related metrics; review andcontribute to the improvement and standardization of security systemsacross all IT and OT.

　　Create and implement cybersecurity best practices in accordance withBEDs access control, disaster recovery, business continuity, and riskmanagement policies, plans, and procedures.

　　Perform aily administrative tasks, reporting, and communication withrelevant departments in the organization.

　　Collaborate as a member of the IT team sharing information, mentoring,cross-training, and providing coverage as directed by the supervisor.

　　Non-Essential Functions:

　　Perform other duties as required.