Principal Security Engineer

ABOUT NPCC

Northeast Power Coordinating Council, Inc. (“NPCC”) is a not-for-profit corporation in the state of New York responsible for promoting and enhancing the reliability of the international, interconnected bulk power system in Northeastern North America. NPCC is one of six Regional Entities which, together with the North American Electric Reliability Corporation (“NERC”), make up the Electric Reliability Organization Enterprise. NPCC operates under a delegation agreement with NERC. This agreement recognizes that NPCC meets the qualifications for delegation of certain roles, responsibilities and authorities of a cross-border regional entity as defined by Section 215 of the Federal Power Act in the U.S. and through Canadian provincial regulatory and/or governmental Memoranda of Understanding (“MOUs”) or Agreements.

As a part of the ERO Enterprise, NPCC is committed to the collective vision of a highly reliable and secure North American bulk power system and shares the joint mission of assuring the effective and efficient reduction of risks to the reliability and security of the grid.

NPCC carries out this mission through (i) the development of regional reliability standards and compliance assessment and enforcement of continent-wide and regional reliability standards, coordination of system planning, design and operations, and assessment of reliability, (collectively, “regional entity activities”), and (ii) the establishment of regionally-specific criteria, and monitoring and enforcement of compliance with such criteria (collectively, “criteria services activities”). NPCC provides the functions and services for Northeastern North America of a cross-border Regional Entity through its regional entity division, as well as regionally-specific criteria services for Northeastern North America through its criteria service’s division.

POSITION DESCRIPTION

Under the direction of SVP, Technical Services, the Principal Information Security Engineer is responsible for designing, implementing, monitoring, and maintaining NPCC’s information security systems and policies. This role will assist the IT and Legal teams with the management of key Information Security initiatives, and support programs necessary to increase the cyber security of the electricity infrastructure within Northeastern North America. The Information Security Engineer will support various activities:

- Third Party Risk Management

- Endpoint Security

- Cloud Security

- Security Operations

- Identity and Access Management

- Training & Awareness

- Security Policies, Standards, Procedures

- Data Loss Prevention

- Identity & Access Management

- Technology Risk Management

- Entity Cybersecurity Outreach and Education

- ERO Enterprise and NERC Cybersecurity Initiatives

KEY RESPONSIBILITIES

- Lead the design and execution of advanced security solutions, including firewalls, IDS/IPS, VPNs, IAM, Endpoint Security, and SIEMs.

- Oversee the integration of security systems with existing infrastructure and manage the implementation of security best practices.

- Develop and implement Information security policies, procedures, and standards.

- Design and implement security solutions, including firewalls, intrusion detection and prevention systems, and data encryption.

- Monitor network activity for signs of unauthorized access or data breaches.

- Configure, test, monitor, and develop training materials for data loss prevention software.

- Develop and execute incident response plans, incorporating lessons learned into the enterprise security strategy and initiatives roadmap.

- Perform forensic analysis and support cybersecurity, legal, and compliance investigations.

- Respond to security incidents, investigate, and perform forensic analysis in support of cybersecurity, legal, and compliance investigations.

- Lead third-party due diligence through comprehensive risk assessments and platform analysis.

- Mentor junior cybersecurity staff on security architecture and best practices.

- Work with Network and Infrastructure Engineers to ensure all software and hardware are up to date with security patches and upgrades.

- Manage the end-user training and awareness program, including phishing simulations, in-person, and web conferencing trainings.

- Provide training, education, and communications to staff and industry stakeholders.

- Conduct entity cybersecurity outreach and risk assessment activities by researching relevant cybersecurity threats and developing security awareness materials.

- Perform information security and risk self-assessments of information systems to identify security and compliance gaps with organization policies, applicable regulatory and legal requirements, and leading industry practices.

- Maintain and report metrics quarterly related to asset vulnerabilities.

- Assist with the delivery of KRIs and KPIs by collecting and translating relevant threat, vulnerability, and risk data into insights.

- Assess the status of complex multi-location projects and identify and implement appropriate corrective measures to resolve issues as they arise.

EDUCATION AND CERTIFICATION/LICENSE CREDENTIALS

- Bachelor’s degree in Computer Science, Management Information Systems, Information Technology, Information Security, or equivalent experience.

- 5+ years of experience in information security or related field.

- CISSP, CISM, CISA, CRISC, GIAC, or other security-related certification.

- Microsoft Azure Certification AZ-500, SC-100

- Proficiency using Microsoft Office, and various governance, compliance, risk, vendor

management, control monitoring and cybersecurity tools.

FUNCTIONAL COMPETENCIES

Security Frameworks and Standards

- Extensive experience with security frameworks such as MITRE ATT&CK, NIST, and ISO.

- Strong understanding of the Center for Internet Security (CIS) top 20 Critical Security Controls.

Technical Expertise

- Extensive knowledge of network security architecture and protocols.

- Proficiency with security tools such as firewalls, intrusion detection and prevention

systems, and vulnerability scanners.

- Strong experience with cloud security, particularly with AWS or Azure.

- In-depth knowledge of Windows and Linux operating system environments.

- Proficiency in scripting languages such as PowerShell, Bash, and Python.

- Understanding of JSON and XML.

Incident Response and Forensics

- Experience in forensic analysis and associated principles.

- Strong experience baselining, trending, and improving cybersecurity incident response capabilities.

- Proven ability to develop and execute incident response plans, including root cause

analysis and mitigation strategies.

Security Operations and Monitoring

- Strong experience with configuration and operation of security monitoring platforms

(SIEM).

- Proven experience with Kusto Query Language (KQL) for engineering SIEM detections and threat hunting rules.

- Experience creating, tuning, and managing content across common security toolsets.

- Configuration and deployment of endpoint security detection and response tools (EDR and XDR).

- Configuration and management of Data Loss Prevention (DLP) technologies, including document sensitivity labeling.

- Experience configuring and deploying Conditional Access Policies.

- Understanding of Cloud Access Security Broker (CASB) technologies.

Risk Management and Compliance

- Extensive knowledge of information security and technology best practices, regulations, and regulatory trends, especially as they pertain to auditing and control

testing.

- Significant experience with Insider Risk Management Policies and Communications Compliance policies.

- Experience configuring and maintaining data protection policies for LLMs.

- Ability to perform security assessments to identify, prioritize, document, and

communicate findings to relevant stakeholders.

- Experience leading continuous monitoring activities and supporting various risk

assessments.

- Managing identity to adhere to the principle of least privilege.

- Extensive knowledge and experience implementing Zero Trust technologies and principles.

Strategic and Leadership Skills

- Proven ability to lead the design and execution of security solutions, including

firewalls, IDS/IPS, VPNs, IAM, Endpoint Security, and SIEMs.

- Oversee the integration of security systems with existing infrastructure and manage the implementation of security best practices.

- Ensure that security strategies align with the organization’s compliance obligations

and risk management goals.

- Mentor junior cybersecurity staff on security architecture and best practices.

- Provide advice, evaluation, and oversight for information security training and

awareness programs, including phishing, social engineering, and tabletop

exercises.

Analytical and Communication Skills

- Strong analytical and research skills with a keen attention to detail.

- Exceptional written and verbal communication skills, with the ability to explain complex technical problems to a wide range of vendors and coworkers.

- Demonstrated ability to summarize events/incidents effectively to legal counsel, executive management, and technical staff, both in written and verbal forms.

Personal Attributes

- Must demonstrate strong ethics, influence, negotiation, interpersonal skills, and

communication.

- Ability to effectively manage stress and engage in continuous learning by staying

current with relevant technology and innovation.

- A passion for innovation in cybersecurity, problem-solving nature, and ability to

work under pressure.

- Proven ability to think outside the box and always seek innovative ways of delivering

highly functional and effective technical security solutions.

- Strong work ethic and business acumen.

- Experience in adapting to a dynamic work environment and prioritizing tasks accordingly.

- Ability to multi-task and effectively structure work to handle multiple demands and

competing activities.

- Foster a sense of community with other team members through open communication, collaboration, and knowledge sharing.

PHYSICAL REQUIREMENTS

- Prolonged periods of sitting at a desk and working on a computer.

- Must be able to bend and lift equipment up to 50 pounds each

- Willingness to work flexible shifts and schedule including weekends, nights, holidays, and rotating shifts from days to nights for incident response.

EEOC AND DISCLAIMER

NPCC is proud to be an Equal Opportunity Employer committed to diversity and inclusion in the workplace. Employment, including the decision to hire, promote, discipline or discharge, will be solely based on competence, performance, and business needs. We prohibit discrimination on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, sex, age, national origin, religion, sexual orientation, gender, gender identity, gender expression, genetic information, marital status, citizenship, domestic violence victim status, or any other status protected under federal, state or local law.

Job Type: Full-time

Pay: $115,000.00 - $140,000.00 per year

Work Location: Remote