Cybersecurity Analyst at Golden State Water Company
San Dimas, CA 91773, USA - Full Time


Start Date

Immediate

Expiry Date

21 Jun, 25

Salary

94691.0

Posted On

21 Mar, 25

Experience

1 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Vulnerability, Communication Skills, Interpersonal Skills, Technology Security, Information Technology, Powershell, Security Controls, Reporting, Security Tools, Mobile Security, Security, Platforms, Developments, Python, Containment, Patch Management, Operating Systems

Industry

Information Technology/IT

Description

Golden State Water Company is one of the largest investor-owned water utilities in the United States. We deliver quality, reliable water to more than 1 million people in over 80 communities throughout California. Golden State Water has been in business for more than 90 years because we put customers first.

REQUIRED EDUCATION AND EXPERIENCE:

  • High School Diploma or equivalent
  • Minimum of three years’ experience in information technology, information technology security or cyber security related fields is required
  • At least one year of cyber security incident collection, analysis, and reporting process procedures desired
  • Hands-on experience in supporting and maintaining information technology and cyber security tools and technologies (endpoint protection, vulnerability and patch management, desktop management, mobile security, and alerting and monitoring utilities) desired
  • Security+ and/or Network+ certification desired

TECHNICAL KNOWLEDGE, SKILLS AND COMPETENCIES:

  • Fundamental understanding of computer networking (TCP/IP)
  • Hands-on experience in supporting Microsoft Windows and Linux Operating Systems (OS) and platforms
  • Knowledge of cyber threats and vulnerabilities
  • Knowledge of adversarial tactics, techniques, and procedures
  • Scripting experience (PowerShell or Python) is a plus
  • Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner
  • Ability to produce high-quality work in a timely fashion in a fast-paced environment
  • Ability to work on multiple projects and tasks while remaining detail oriented
  • Excellent analytical and problem solving skills as well as interpersonal skills to interact with team members and upper management
  • Ability to work independently often and exercise sound judgment and decision making
  • Strong attention to detail, well-organized, and able to manage time efficiently.
  • Team player with ability to deal effectively with individuals at all levels.
  • Clear and concise communication skills – verbal and written

Responsibilities
  • Proactively monitors the environment to detect and implement steps to mitigate cyber-attacks before they occur, including:
    o Monitors security-related resources for new and emerging cyber threats
    o Independently reviews, investigates, and responds to real-time alerts within the environment
    o Independently reviews real-time and historical reports for security and/or compliance violations
    o Communicates with senior cybersecurity personnel and IT management relating to critical incidents and strategic security requirements

  • Reviews system audit logs and the logs of other cybersecurity solutions
  • Develops and executes Security Awareness activities (including recommended training) to keep employees and external customers abreast of developments and requirements of the Information and Cyber Security Program
  • Works with Security Operations Center (SOC) analysts and management to triage and respond to security alerts. Coordinates assessment, containment and eradication with the Incident Response Team. Coordinates tuning of preventative and detective security controls to increase fidelity and reduce false positives
  • Manages threat lists (e.g. whitelists, blacklists, etc.)
  • Ensures vulnerabilities are remediated according to established plans, including:
    o Independently runs internal vulnerability/penetration testing tools as instructed
    o Independently researches and recommends security patches (includes firmware, operating systems, and software) for cybersecurity solutions
    o Independently evaluates the security impact of software changes
    o Helps monitor vulnerability and threat services to understand current risk, recommend response and mitigation/countermeasure strategies

  • Works with business units and end users to create new and enhance existing Data Loss Prevention (DLP) rules to expand the protection of Company data
  • Conducts independent research into and provides informed opinions on the selection of 3rd party vendors and the process of TableTop cybersecurity exercises for all business units
  • Composes or reviews cybersecurity incident response plans and runbooks and creates or verifies automation methods for plan and runbook implementation
  • Recommends updates to IT security policies and procedures
  • Other related duties as required