OT Cyber Security

Are you ready to be part of a company that's not just talking about the future, but actively shaping it? Join The AES Corporation (NYSE: AES), a Fortune 500 company that's leading the charge in the global energy revolution. With operations spanning 14 countries, AES is committed to shaping a future through innovation and collaboration. Our dedication to innovation has earned us recognition as one of the Top Ten Best Workplaces for Innovators by Fast Company in 2022. And with our certification as a Great Place to Work, you can be confident that you're joining a company that values its people just as much as its groundbreaking ideas.

AES is proudly ranked #1 globally in renewable energy sales to corporations, and with $12.7B in revenues in 2023, we have the resources and expertise to make a significant impact as we provide electricity to 25 million customers worldwide. As the world moves towards a net-zero future, AES is committed to meeting the Paris Agreement's goals by 2050. Our innovative solutions, such as 24/7 carbon-free energy for data centers, are setting the pace for rapid, global decarbonization.

If you're ready to be part of a company that's not just adapting to change, but driving it, AES is the place for you. We're not just building a cleaner, more sustainable future - we're powering it. Apply now and energize your career with a true leader in the global energy transformation.

The CIP OT Cyber Security Systems Administrator plays a crucial role in ensuring the security, reliability, and compliance of the organization's critical infrastructure. This position is responsible for implementing and maintaining security measures to protect computer systems, networks, and data. This role involves identifying vulnerabilities and threats, ensuring compliance with security policies, and responding to security incidents.

Specifically, this position is responsible for supporting the design, implementation, and maintenance of the organization's NERC (North American Electric Reliability Corporation) CIP (Critical Infrastructure Protection) programs related to the Bulk Electric System (BES) and associated cyber systems.

As a NERC-regulated position, a background check will be conducted on the incumbent at least every seven years.

Primary Responsibilities

- Lead the patch management program for Microsoft Windows Servers, desktops, virtualization platforms, storage and other appliances.

- Coordinate with stakeholders to schedule and deploy security patches, firmware updates, and hotfixes in compliance with NERC CIP and Cyber Security standards and operational requirements.

- Maintain patch baselines and document exceptions or delays with justifications.

- Provide evidence for quarterly/annual patch compliance audits, ensuring reporting accuracy and audit readiness.

- Track vulnerabilities, prioritize remediation efforts, and document corrective actions.System Security: Design, implement, and maintain robust security measures to protect NERC CIP critical infrastructure systems from cyber threats.

- System Administration: Implement and administer various cyber security products, tools, solutions and their corresponding applications and clients.

- Upgrade and Patch Systems: Plan and execute system upgrades and security patches to ensure that all systems are up to date with the latest security patches and updates to enhance functionality and security.

- Manage and Maintain: Manage numerous domains, networks, and physical and virtual environments that support numerous cyber assets across the AES US NERC CIP footprint.

- Troubleshooting: Diagnose and resolve technical problems related to OT systems, providing timely support to minimize operational disruptions.

- Monitoring: Continuously monitor cyber security OT systems to ensure optimal performance and promptly address any issues or anomalies.

- Change Management: Maintain and follow NERC CIP change management processes for all required changes.

- Backup and Recovery: Manage backup and recovery processes to ensure data integrity and availability in the event of a system failure.

- Documentation: Develop, revise, maintain, and implement detailed documented processes and operating procedures.

- Training: Provide training and support for staff on the proper use and management of OT systems.

- Innovation: Stay updated with the latest standards, requirements, trends, and advancements in the NERC CIP OT technology space to recommend and implement improvements.

- Risk Assessment: Perform risk and vulnerability assessments to identify, quantify, and mitigate potential security risks.

- Access Control: Manage user access rights and privileges, ensuring appropriate levels of security and compliance.

- Continuous Monitoring: Implement and maintain continuous monitoring solutions to detect and respond to security events in real-time.

- Incident Response: Develop and execute incident response plans, conduct investigations, and implement corrective actions.

- Vendor Management: Collaborate with external vendors and service providers to procure, implement, and maintain cyber security products and solutions.

- Compliance Management: Ensure adherence to NERC CIP standards and regulatory requirements, including regular audits, documentation, and reporting.

- Collaboration: Work effectively with both internal and external groups to procure, implement, configure, troubleshoot, and resolve issues with assets, applications, domains, networks, environments, etc.

- Other duties as assigned.

Qualifications

- Education: Bachelor’s degree in cyber security, Information Technology, Computer Science, Engineering, or a related field (or equivalent experience).

- Experience: Minimum of 3 years of proven experience in cyber security, OT systems administration, patch management, or related role.

- Certifications: Relevant certifications such as CISSP, CISM, CompTIA, Cisco, Microsoft, Linux, Unix, or similar are highly desirable and may be used in lieu of a degree.

- Technical Skills: Proficiency in numerous technologies and OT systems, such as security applications/systems, VMware, SCADA and DCS systems, system backup solutions, PowerShell, SQL, switches, firewalls, intrusion detection systems, SIEM, endpoint protection, security patching, vulnerability management, etc.

- Analytical Skills: Strong analytical and problem-solving skills to troubleshoot, conduct risk assessments and manage security incidents.

- Communication Skills: Excellent written and verbal communication skills to effectively convey security policies, procedures, incident reports, and technical issues to non-technical staff and auditors.

- Team Collaboration: Ability to work collaboratively with IT, operations, and compliance teams to ensure comprehensive security measures.

- Industry Experience: An ideal candidate would have experience in the Energy or Utility industry, experience supporting a 24 x 7 real time operations environment, experience supporting systems subject to regulatory compliance requirements, or experience with FERC, NERC, and/or a NERC Regional Entity.

Preferred Skills

- Experience supporting a 24 x 7 real time operations environment

- Experience supporting regulated industries such as energy/utilities or critical infrastructure.

- Experience with Big Fix Patch Management system

- Scripting knowledge (PowerShell, Python) for patch automation and compliance reporting.

- Strong organizational skills with the ability to balance daily system operations with patch compliance obligations.

Working Conditions

Remote work is allowed. Must be able to come to the office and data center environments as needed.

Physical Requirements

Up to 10% of travel may be required.

AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion. Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work. All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and/or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law. E-Verify Notice: AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.