Competitive Power Ventures, Inc.
Cybersecurity Engineer
Competitive Power Ventures, Inc., Silver Spring, Maryland, United States, 20900
Competitive Power Ventures, Inc. (“CPV”), with headquarters in Silver Spring, MD, and offices in Braintree, MA and Sugar Land, TX, is uniquely positioned to leverage global technology and financial partnerships to help modernize America’s power generation. We are driven to improve our energy infrastructure by developing and operating power generation facilities using cutting edge, domestically available natural gas, and renewable power technology. CPV is owned by OPC Energy, the first privately held electric company in Israel. OPC Energy became a public company in August 2017 and is traded on the Tel-Aviv Stock Exchange (TASE: OPCE).CPV is seeking a Cybersecurity Engineer to join our Information Technology Department in our Silver Spring, MD office.The Cybersecurity Engineer will identify threats and vulnerabilities in systems and software, applying company security policies and procedures to continue developing and implementing high-tech solutions to defend against hacking, malware and ransomware, insider threats, and all other forms of cybercrime in a 24/7/365 environment. The candidate will have a strong technical background in IT systems and firewall/network security, along with superior analytical and problem-solving skills, including the ability to interact directly with plant personnel. The candidate should have a deep understanding of the current cyber threat industry and preferably a background in industrial or power operation technologies.Responsibilities:
Responsible for supporting various aspects of the development of renewable energy generation projects in the US from site identification through financial closing and construction. Requires working within a team consisting of internal and external resources. The specific responsibilities of this position include but are not limited to:Deploying, managing, and monitoring cybersecurity applications (i.e., MDR, IDS, SIEM) both hardware and software across the CPV plant fleet networks.Troubleshoot network security related problems and work with plant Managed Service Provider (MSP) to implement fleet wide solutions.As the Incident Manager of the CSIRT, serve as first responder to gather information on cybersecurity events, following established security protocols, and notifying appropriate personnel.Testing for network and system vulnerabilities through penetration tests, and vulnerability scans.Develop tailored training, lead tabletop exercises, and conduct phishing campaigns to regularly test personnel and provide additional training for those that need it.Proactively remediate vulnerabilities identified by 3rd parties including OEMs, vendors, and threat repositories such as MS-ISAC and CVE.Ensure that the organization’s data and infrastructure are protected by upholding security policies, reviewing best practices, and making recommendations.Oversee switch & firewall configuration changes, patch management, and perform regular review of firewall rules to ensure they meet security requirements.Work with MSP and application vendors to complete regular security checks on systems to identify operational visibility loss through downed sensors or failed hardware appliances, remediating as required.Use available security solutions suite to hunt for cyber threats within network environments.Perform daily administrative tasks, reporting, and communication with department headand plant personnel.Operate security controls and make notifications within local state & federal government requirements as well NERC CIP standards.Willingness to travel up to 25% of time to plants and other CPV locations.Requirements:
Bachelor’s Degree or equivalent education in Cybersecurity, Computer Science, Information Systems, Information Security & Assurance, Information Technology, Engineering, or related field.Five (5)+ years managing IT/OT security vendor platforms such as Crowdstrike, Duo, Claroty, and Arctic Wolf.Two (2)+ years or more experience with Active Directory, Hyper-V, VMware, or similar virtualized platforms.Must have expert-level experience with firewall (Watchguard and Cisco preferred) and network switch (Meraki preferred) configuration, management, and troubleshooting.Team leadership, vendor management, or industrial/power operation experience is a big plus.A minimum of one (1) of the listed preferred certifications: CISM, CISA, CEH, CISSP, CCNA, CCNP.Must be able to lift and carry up to 25 lbs.Excellent written and verbal communication skills.Ability to communicate effectively with various internal and external stakeholders, at all staffing levels.Detailed-oriented, organized, and able to effectively prioritize responsibilities in a fast-paced environment.Exhibit a professional demeanor that aligns with our core values.Must pass a pre-employment criminal background check and financial credit check.CPV holds all employees to the highest ethical standards and is committed to conducting business with integrity, transparency, and honesty to ensure our success.
#J-18808-Ljbffr
Responsible for supporting various aspects of the development of renewable energy generation projects in the US from site identification through financial closing and construction. Requires working within a team consisting of internal and external resources. The specific responsibilities of this position include but are not limited to:Deploying, managing, and monitoring cybersecurity applications (i.e., MDR, IDS, SIEM) both hardware and software across the CPV plant fleet networks.Troubleshoot network security related problems and work with plant Managed Service Provider (MSP) to implement fleet wide solutions.As the Incident Manager of the CSIRT, serve as first responder to gather information on cybersecurity events, following established security protocols, and notifying appropriate personnel.Testing for network and system vulnerabilities through penetration tests, and vulnerability scans.Develop tailored training, lead tabletop exercises, and conduct phishing campaigns to regularly test personnel and provide additional training for those that need it.Proactively remediate vulnerabilities identified by 3rd parties including OEMs, vendors, and threat repositories such as MS-ISAC and CVE.Ensure that the organization’s data and infrastructure are protected by upholding security policies, reviewing best practices, and making recommendations.Oversee switch & firewall configuration changes, patch management, and perform regular review of firewall rules to ensure they meet security requirements.Work with MSP and application vendors to complete regular security checks on systems to identify operational visibility loss through downed sensors or failed hardware appliances, remediating as required.Use available security solutions suite to hunt for cyber threats within network environments.Perform daily administrative tasks, reporting, and communication with department headand plant personnel.Operate security controls and make notifications within local state & federal government requirements as well NERC CIP standards.Willingness to travel up to 25% of time to plants and other CPV locations.Requirements:
Bachelor’s Degree or equivalent education in Cybersecurity, Computer Science, Information Systems, Information Security & Assurance, Information Technology, Engineering, or related field.Five (5)+ years managing IT/OT security vendor platforms such as Crowdstrike, Duo, Claroty, and Arctic Wolf.Two (2)+ years or more experience with Active Directory, Hyper-V, VMware, or similar virtualized platforms.Must have expert-level experience with firewall (Watchguard and Cisco preferred) and network switch (Meraki preferred) configuration, management, and troubleshooting.Team leadership, vendor management, or industrial/power operation experience is a big plus.A minimum of one (1) of the listed preferred certifications: CISM, CISA, CEH, CISSP, CCNA, CCNP.Must be able to lift and carry up to 25 lbs.Excellent written and verbal communication skills.Ability to communicate effectively with various internal and external stakeholders, at all staffing levels.Detailed-oriented, organized, and able to effectively prioritize responsibilities in a fast-paced environment.Exhibit a professional demeanor that aligns with our core values.Must pass a pre-employment criminal background check and financial credit check.CPV holds all employees to the highest ethical standards and is committed to conducting business with integrity, transparency, and honesty to ensure our success.
#J-18808-Ljbffr