Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Role : Meter Modernization Security Resource Duration : Very long term start September Location : Can Be Remote (Work in PST hours only) Description: Client desires to update its current gas meter data collection solutions. This requires operational modernization based on a comprehensive Meter Strategy that is designed to assist in the alignment of the wide variety of business and technological needs that must be addressed over the coming years. The output of this strategic recommendation requires a series of diverse and complex projects that will have several interdependencies and will require integrated technical designs and impact many business stakeholders. Timelines are based on current understanding of project requirements and are subject to change. Scope The scope includes consulting on the project during the design and implementation phases as well as creating and updating documentation on the work performed. There are two distinct initial efforts: Onboarding of a new tool to ensure operational readiness and an upgrade of existing application impacting consumer gas meters. * Review new solutions using the NIST (National Institute of Standards and Technology) Cyber Security Framework (CSF) to ensure security risks are identified, documented, and dispositioned. * Work with vendors and the Client Compliance Team to complete a Third-Party Information Security Assessment (TISA), which evaluates the security posture of the vendors. * Work with other project team members to integrate new solutions into the existing client environment following client's policies, standards, and guidelines and industry best security practices. * Consult on impacts of project efforts to TSA Security Directive Pipeline-2021-02D (SD-02D), and future revisions or superseding regulations, including potential integration and configuration of additional critical cyber systems to client's environment. * Consult on a wide range of security tools & technologies, specifically including Public Key Infrastructure (PKI * Create as-built artifacts and standards. * Prepare and provide documentation and input for audits. * Attend and actively participate in validation sessions along with client business owners, Technical SMEs, PMs, and Change Management team members. * Work in collaboration with NW client technical SMEs (Subject Matter Experts) and Administrators, Project Management, and Change Management team members during client working hours 8 AM - 5 PM PST Monday-Friday. - Attend routine stand ups. - Attend routine working sessions. * Provide and respond to frequent daily communications and status requests from stakeholders, PMs (Project Managers), and Change Managers * Weekly time tracking and approval. Deliverables * Documentation -Security Design Review ^ ^ Assessment and findings, including vulnerability scans and associated remediations. ^ ^ Inventory ^ ^ Architectural Diagram ^ ^ Threat Model ^ ^ System Security Authorization Plan (SSAP) ^ ^ Disaster Recovery (DR) and DR Test Plans ^ ^ Business Impact Assessment (BIA) ^ ^ Exception Requests (as needed) ^ ^ Plan of Action and Milestones (POAM) (as needed) - Third-Party Information Security Assessment (TISA) - Architectural Review Board (ARB) - Technical Review Board (TRB) - Change Management Review Board (CMRB) - Change Advisory Board (CAB) - Other documentation as required (e.g., for audits and inspections, updates to standards and procedures, etc * Assessment of products and implementation plans. * Assist with operationalization of chosen technologies (e.g., develop procedures), including a form factor and Operating System (OS) change for field users. * Consult with project team and other stakeholders, e.g., OT practitioners, the Cybersecurity and Compliance teams, Enterprise Architecture, Infrastructure, Network, etc. during development and implementation. Key Skills and Qualifications * 8+ years of practical information security experience. * 4+ years of Operational Technology (OT) experience. * Experience working in a regulated utility environment is a plus. * Knowledge of networking security concepts in a geographically dispersed environment. * Experience working in a cross functional team, with the ability to lead/drive the scope of work. * Experience with cyber security assessments. * Industry cybersecurity and/or technology certifications are a plus. * Demonstrated experience in working with a remote team. * Excellent interpersonal skills, including collaboration, facilitation, and negotiation. * Ability to lead work effort with little day to day supervision. Ability to work through ambiguity and escalate issues to maintain project momentum.