Job Description
Job Description
Position Summary Description
Administers, configures and supports the Physical Access and Control System (PACS). This includes maintenance of servers, workstations, networks, cameras, software, operating systems and patching of identified cyber assets to meet NERC CIP standards. In addition, assist with the monitoring of system-level security functions for the systems and network (hardware, software, databases, etc.) that comprise the PACS, Video Surveillance Systems (VSS) and the Energy Management System (EMS).
Essential Functions
- Maintains and supports server, storage and affiliated hardware and software configurations for PACS and VSS.
- Updates records, documents and diagrams of the server and storage environment are maintained for PACS, VSS and EMS to ensure compliance with NERC CIP standards.
- Provides options for changes to improve service and/or contain costs.
- Reviews and follows the procedures necessary to comply with the security requirements and measures of the NERC CIP Standards for the PACS and EMS.
- May participate as a Subject Matter Expert (SME) during NERC CIP audits.
- Performs the security patching activities (assessment, testing and implementation) required for the identified PACS and EMS cyber assets.
- Reviews security and event logs for identified cyber assets and reports all cyber security incidents found.
- Implements the periodic update of the PACS and EMS anti-malware definition files in compliance with NERC CIP standards.
- Performs and tests the periodic backups of PACS cyber assets.
- Participates in the annual disaster recovery drill in accordance with NERC CIP-009 R2.
- Performs removal and destruction of defective or obsolete equipment as outlined in SECI procedures and NERC CIP standards.
- Creates, monitors and maintains the monthly software / ports / services baselines for all PACS and EMS cyber assets.
- Remains abreast of current and proposed NERC cybersecurity standards along with current cybersecurity threats, technology advancements and industry trends.
- Reports the progress of all assigned tasks ensuring management’s awareness of project status.
- Participates in cybersecurity training programs.
- Produces, organizes and maintains evidentiary documentation required for compliance with NERC CIP standards.
- Participates in the annual required cyber vulnerability assessment in accordance with NERC CIP-010 R3.
- Produces cybersecurity reports as requested.
- Performs other duties as applicable to the position or as assigned.
- NERC Compliance: Performs NERC Compliance Program roles if/as designated in Seminole’s Standard Ownership Matrix (SOM) including ongoing evidence retention in “audit-ready”. You should also be familiar with Seminole’s Enterprise Internal Compliance Program (ENT-GCD-RGC-EP-054) to further your understanding of Seminole’s compliance program and the context of your duties and responsibilities attendant to your designation in the SOM.
Qualifications and Education Requirements
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Computer Engineering or a closely related field is required from an accredited institution. Two (2) years of similar experience may be substituted for each one (1) year of formal education. Two (2) years of experience in a position as a PACS or network administrator responsible for the maintenance and support of server hardware, software or CCTV cameras is desirable. CompTIA, A+, or equivalent certification is desirable.
Core Competencies: Adaptable, Collaborative, Conscientious, Critical-Thinking, Outcome-Driven and Professional
Technical Competencies/Skills:
- Cyber and Network Security
- Network Administration
- Patch Management
- CCTV Cameras and DVRs
- Data Backup and Recovery
- Operating Systems
- Server Hardware
- Proficiency with Microsoft Office applications
Soft Competencies/Skill:
- Effective verbal/nonverbal, listening and written communications
- Planning
- Analytical
- Problem Solving
- Organization
- Customer Service focus
Physical Requirements
Must be able to follow established protective measures including wearing required personal protective equipment (PPE). Must possess a valid driver’s license and acceptable Motor Vehicle Report.
Working Conditions
Some travel and work outside of normal business hours. While working in certain areas of the plant or substation there is the potential for exposure to hazards typical of an industrial working environment. Maintains critical cyber equipment in a real-time environment that requires 24/7 on-call support and is subject to call out at any time which may include extended periods during inclement weather or other emergency conditions.
“Disclaimer - Management may modify this job description at any time and may require the performance of additional duties, or modification of physical requirements, with or without advance notice.”