ABOUT PREVALON
Prevalon Energy LLC (Prevalon), a Mitsubishi Power Americas and EES joint venture, is a leading global energy storage technology and services company that is empowering companies to deploy flexible energy solutions and accelerate a more sustainable energy future.
With 10 years of global battery energy storage experience and over 4 GWh of utility-scale battery energy storage projects deployed, Prevalon develops an end-to-end integrated battery energy storage solution that delivers throughout the entire lifecycle of your project and ensures performance.
Working with our customers to develop a solution to meet the demands of their energy system today and into the future, we are grounded by the principles of commitment, reliability and expertise to guide our decision making, design philosophy, and relationship building.
JOB SUMMARY
The EMS Cybersecurity Lead Analyst is responsible for creating and maintaining the Cybersecurity Policies and procedures for the Operational Technology deployed within Prevalon Energy’s EMS Platform. The lead will also be responsible for safeguarding critical infrastructure; cloud and edge; including annual system maintenance, compli ance documentation, intrusion/ abnormality monitoring, and incident response.
Essential Duties & Responsibilities
Essential duties and responsibilities include, but are not limited to, the following:
- Develop, maintain, and enforce IEC-62443, NIST 800-82, and ISO 27001-1 compliance programs for Prevalon’s ESS Industrial Control Platform.
- Drive software development and life cycle practices ensuring compliance with relevant cyber security standards and industry best practices.
- Architect and design security requirements for implementation (product and processes)
- Collaborate with customers regarding security processes, practices, and penetration test activities
- Collaborate with 3rd party auditors and consultants that will be analyzing the insightOSTM for any vulnerability including penetration testing.
- Perform real-time analysis of immediate threats and triage when necessary to ensure integrity and continuous operation of power plant fleet
- Develop cybersecurity specifications for testing and validation.
- Review/coordinate design and other technical information from suppliers and contractors
- Train and mentor Network Admins and potentially other cybersecurity analysts.
- Maintain on-prem Windows Domain Controllers including the Active Directory and Group policies.
- Expect 10% travel, mostly to HQ for Factory Acceptance Testing Events. The remaining time to be either a hybrid or remote.
- Perform other duties as assigned
Knowledge, Skills, & Responsibilities
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Assist in developing and maintaining IEC-62443, NIST 800-82, and ISO 27001-1 compliance program for ESS/Industrial control platform.
- Deep understanding of Frameworks including NIST, ISA/IEC 62443, and ISO27001 along with NERC CIP Regulations.
- Drive SW development and life cycle practices ensuring compliance with relevant cyber security standards and industry best practices.
- Perform real-time analysis of immediate threats and triage when necessary to ensure integrity and continuous operation of power plant fleet.
- Architect and design security requirements for implementation (product and processes).
- Communicate effectively with staff and management at all levels.
- Always maintain the highest degree of honesty and integrity.
- Assist in the deployment of new features and solutions in the SCADA and EMS platform related to Cyber Security.
- Collaborate with customers regarding security processes, practices, and penetration test activities.
- Train/mentor other less experienced staff in best cybersecurity practices when working on OT.
- Lead proactive team efforts to achieve departmental and company goals.
- Protect confidential information by not communicating, disclosing to, or using it for benefit of 3rd parties.
- Comply with all EHS policies, practices and procedures reporting all unsafe activities to Management and/or Human Resources.
- Work in the global environment to maintain standards and latest practices.
- Able to define problems, collect data, establish facts, and draw valid conclusions. Able to interpret an extensive variety of technical instructions, read and understand network, mechanical and electrical drawings.
- General Technical Skills such as Azure, AWS, or GCP. o Operating Systems. Such as Ubuntu or Windows Server 2022. o CI/DC Tools. Such as Azure DevOps, GitHub actions, GitLab Pipelines. o Virtualization. Such as VMWare (Vsphere, Vcenter), Windows Hyper-V o Vision Control Tools. Such as GIT, GITHUB, Bitbucket, SVN, Azure Repos.
Education & Experience
- A bachelor’s or associate’s degree in Computer Science, IT Network Administration or cybersecurity.
- Minimum of five (5) years of related experience in the industry.
- Experience working with industrial control systems as a network admin preferred.
- Experience in working with Azure Dashboard, VMWare, & Firewalls is a must.
- Participation and or contributor to NERC forums or ISA standards for control systems.
- Experience with cyber security in the context of industrial control systems. Experience managing/implementing/enforcing cyber security compliance program. IEC 62443 or similar certification.
- Able to define problems, collect data, establish facts, and draw valid conclusions. Able to interpret an extensive variety of technical instructions, read and understand network, mechanical and electrical drawings.
- Managed Azure Infrastructure in the past. Such as Worker Roles, Azure Web Roles, VM Role, Azure. Storage, Azure Active Directory Licenses, Managed Virtual Machine.
- Monitor Incoming and outgoing traffic and manage IPSEC tunnel configuration settings. An understanding of encryption techniques.
- Implemented Firewall Configurations such as creating ACLs or policies for controlling inbound/outbound traffic to and from sites. Specifically worked with FortiGate products preferred.
- MFA. Worked in implementing a Multi-Factor Authentication system in Azure.
- SCM. Integrating Source Code Management tools, specifically Azure DevOps and SVN. The aim is to establish a robust SCM foundation, ensuring efficient code management and collaboration.
- VM Creations. Microsoft cloud service Azure, manage virtual network by ARM templates for Azure Platform.
- LDAP. Knowledge in setting up Trees and queries for AD Group Authentication.
Physical Requirements & Work Environment
The physical demands and work environment characteristics described herein are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Regularly required to stand and walk.
- Frequently lift and/or move up to 25 pounds.
- Occasionally lift and/or move up to 50 pounds.
- The noise level in the work environment is usually moderate to loud. Hearing protection may be recommended and/or required in some work locations
Job Type: Full-time
Pay: From $140,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Vision insurance
Work Location: Hybrid remote in Lake Mary, FL 3274
Linked-in
Google