Logo
TECO

Cyber Vulnerability Analyst, Progression

TECO, Tampa, Florida, 33646


Power up a career with us. Our people are our greatest investments. Be the light to help us keep our customers connected. If you are interested in a career and not just a position, Tampa Electric is the place to be Tampa Electric offers competitive pay, a comprehensive benefits package and opportunities for growth and development in a friendly and professional work environment. We embrace diversity and the inclusion of all. We believe our differences, unique perspectives and talents are our strengths and integral to the success of our company. We're honored to serve approximately 780,000 customers across West Central Florida and safely provide them with clean, affordable and reliable electricity. We've been doing it for more than 100 years, and there's so much more ahead. Join our team of energy experts as we build on that legacy through innovation, continued solar investments, cost-effective and sustainable energy solutions all while keeping top-notch customer service at the center of all we do. Tampa Electric is a subsidiary of Emera Inc., a family of energy companies which also includes TECO Peoples Gas and New Mexico Gas Company. Emera provides energy to residential and commercial customers in the United States, Canada, and the Caribbean, with career opportunities available in all of these locations. TITLE: Cyber Vulnerability Analyst Progression PERFORMANCE COACH: Lead Vulnerability Management COMPANY: Tampa Electric DEPARTMENT: Information Security POSITION CONCEPT The Cyber Vulnerability Analyst Associate plays a crucial role in assisting with identifying, evaluating, and mitigating security vulnerabilities within an organization's IT infrastructure. Conduct regular and comprehensive scans of networks, systems, and applications to detect potential vulnerabilities, analyze the results, and prioritize risks based on their severity and potential impact. Works closely with IT Operations, SMEs, and cybersecurity teams to develop and implement remediation strategies, ensuring that all security weaknesses are addressed promptly and effectively. Stay updated with the latest security trends and understand emerging threats. This is a multi-level position and the salary range for this position varies and is commensurate with skills, experience, and education. Cyber Vulnerability Analyst Associate PRIMARY DUTIES AND RESPONSIBILITIES 1. Conduct routine vulnerability assessments and scans using industry-standard tools. 20% 2. Assist in analyzing security vulnerabilities and recommend appropriate remediation measures. 15% 3. Collaborate with cross-functional teams to ensure timely resolution of identified vulnerabilities. 15% 4. Participate in security and vulnerability awareness programs and provide basic training to SMEs and end-users that are leveraging tools to manage and mitigate vulnerabilities. 10% 5. Prepare and deliver detailed vulnerability assessment reports to technical and non-technical stakeholders. 10% 6. Prepare and deliver reports on vulnerability assessments, trends, and risk mitigation strategies. 10% 7. Evaluate and analyze the potential impact and risk associated with identified vulnerabilities. 10% 8. Provide recommendations for risk mitigation and remediation strategies. 10% QUALIFICATIONS Education Required: High School Diploma or equivalent. Licenses/Certifications Required: From the list of certification vendors, one related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.). Related Experience Required: 5 years of related Cyber Security, IT, or Technical (hands-on networking, telecommunications [radios, satellites, communications, etc.], hardware, software) experience. May consider a degree in lieu of experience. 3 years related experience required with an Associates Degree or 1 year related experience required with a Bachelor's Degree in Computer Science, Information Systems or other IT related discipline. Experience may include up to one year of demonstrated IT experience, within a formal college/university internship or co-op program. Knowledge/Skills/Abilities (KSA) Required: • Strong analytical skills, attention to detail, and a proactive approach to maintaining the security and integrity of the organization's digital assets. • Understanding of foundational cybersecurity principles, concepts, and best practices. • Familiarity with common cyber threats, attack vectors, and risk management. • Knowledge of vulnerability scanning methodologies and techniques. • Good working knowledge of major operating system security (Windows, Mac OS, Linux/Unix), endpoint, server, and network security • Familiarity with cybersecurity frameworks and standards such as NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. • Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX and PCI. • Ability to analyze vulnerability scan results, assess potential risks, and prioritize vulnerabilities based on severity and business impact. • Ability to perform risk assessments and evaluate the potential impact of vulnerabilities on the organization. • Collaborative skills to work effectively with cross-functional teams, including system administrators, developers, and security professionals. • Analytical skills to assess complex systems, identify vulnerabilities, and recommend appropriate remediation measures. • Ability to troubleshoot and solve security-related problems efficiently and effectively. • Ability to manage multiple tasks and projects simultaneously. • Effective time management and organizational skills to meet deadlines and project milestones. • Thoroughness and attention to detail in conducting vulnerability assessments and documenting findings. Cyber Vulnerability Analyst: POSITION CONCEPT The Cyber Vulnerability Analyst plays a crucial role in identifying, evaluating, and mitigating security vulnerabilities within an organization's IT infrastructure. Conduct regular and comprehensive scans of networks, systems, and applications to detect potential vulnerabilities, analyzing the results, and prioritizing risks based on their severity and potential impact. Works closely with IT Operations, SMEs, and cybersecurity teams to develop and implement remediation strategies, ensuring that all security weaknesses are addressed promptly and effectively. Stay updated with the latest security trends and understanding emerging threats. Assist with developing and refining the organization's vulnerability management policies and procedures. May prepare detailed reports and presentations for both technical and non-technical stakeholders. PRIMARY DUTIES AND RESPONSIBILITIES 1. Conduct in-depth vulnerability assessments and penetration tests on various systems and applications.20% 2. Analyze and prioritize vulnerabilities based on risk assessments and potential impact. 20% 3. Collaborate with system administrators and developers to implement and validate security measures. 20% 4. Develop and maintain documentation related to vulnerability assessments and remediation efforts. 20% 5. Contribute to the development and improvement of vulnerability management processes and procedures. 20% QUALIFICATIONS Education Required: High School Diploma. Licenses/Certifications Required: From the list of certification vendors, one related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.). Related Experience Required: 6 years of related Cyber Security or IT experience. May consider a degree in lieu of experience. 4 years related experience required with an Associates Degree or 2 years related experience required with a Bachelor's Degree in Computer Science, Information Systems or other IT related discipline. Cyber Vulnerability Analyst Sr: POSITION CONCEPT The Cyber Vulnerability Analyst Sr plays a crucial role in identifying, evaluating, and mitigating security vulnerabilities within an organization's IT infrastructure. Conduct regular and comprehensive scans of networks, systems, and applications to detect potential vulnerabilities, analyzing the results, and prioritizing risks based on their severity and potential impact. Collaborate closely with IT Operations, SMEs and cybersecurity teams to develop and implement remediation strategies, ensuring that all security weaknesses are addressed promptly and effectively. Stay updated with the latest security trends and understanding emerging threats. Play a key role in developing and refining the organization's vulnerability management policies and procedures, providing guidance and training to other staff members, and preparing detailed reports and presentations for both technical and non-technical stakeholders. PRIMARY DUTIES AND RESPONSIBILITIES 1. Mature the vulnerability management program, including the development of strategies and policies. 30% 2. Provide expert guidance on complex vulnerabilities and security incidents. 15% 3. Conduct threat modeling and risk assessments to identify emerging risks and potential impact on the organization. 15% 4. Mentor junior analysts and provide training to enhance the overall team's skill set. 20% 5. Collaborate with other cybersecurity teams to enhance organization's overall security posture. 20% QUALIFICATIONS Education Required: High School Diploma. Licenses/Certifications Required: From the list of certification vendors, two related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.). Related Experience Required: 8 years of related Cyber Security or IT experience. May consider a degree in lieu of experience. 6 years related experience required with an Associates Degree or 4 years related experience required with a Bachelor's Degree in Computer Science, Information Systems or other IT related discipline. LI - SAC TECO offers a competitive Benefits package Competitive Salary 401k Savings plan w/ company matching Pension plan Paid time off Paid Holiday time Medical, Prescription Drug, & Dental Coverage Tuition Assistance Program Employee Assistance Program Wellness Programs On-site Fitness Centers Bonus Plan and more