Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Information Security Specialist (Investigations)
Company NW Natural
Location Portland, OR
Preferred GIAC Certifications GCIH, GCFA, GNFA, GREM, or GRID
Travel 0%
Salary Base salary range: $84,950.00 - $117,600.00 or $107,800.00 to $149,200.00 per year, depending on qualifications
URL https://careers.nwnatural.com/job/Portland-Information-Security-Specialist-%28Investigations%29-OR-97086/817412100/
Contact Name Philip Spadaro
Contact Email philip.spadaro/at/nwnatural.com
Expires 2022-07-29

Job Description

The Role:

You’ll be a member of the Security Operations Team and collaborate with our teams on projects and operational work, as part of our security program to meet Transportation Security Administration Security Directives. This position will work closely with IT&S Compliance and other technical teams. The primary purpose of this position is to ensure Information Technology & Services (IT&S) Department is compliant with state and federal regulations by identifying, evaluating, prioritizing, monitoring, and reporting on the effectiveness of operational controls within Information Technology (IT) and Operational Technology (OT) environments.



Day to Day:

Security Monitoring / Incident Response -

Investigate potential security incidents to determine what occurred
Respond to security incidents including leading the response for smaller incidents
Apply NW Natural context to potential incidents to better understand potential security incidents
Collaborate with your team and the managed service provider to update incident remediation plans
Build and develop the investigative program through collaboration and influence
Automate response and investigative functions
Provide co-ordination and crisis management between engineering groups and security responders during high severity incidents
Develop and report on key performance indicators to show the effectiveness of our security monitoring / incident response processes as well as our managed service provider
Make technical decisions about our how we work with our managed service provider

Security Consulting -

Collaborate on projects to ensure that security issues are addressed throughout the project lifecycle
Review system designs and identify areas for security improvements
Provide ad hoc consulting on tactical security topics

General -

Evaluate security risks and their impact to NW Natural
Create technical documentation for other analysts and teams
Make technical decisions on behalf of NW Natural when working with the managed service provider
Develop and track key performance indicators for managed service provider
While the security monitoring and incident response responsibilities mean that there is an afterhours component to this role, typically it is less than one hour per week.



Come on your first day with:

Minimum of six years' IT, industrial control systems, or information security experience. Additional years’ of knowledge/complexity of assignments/experience required for level 3.
Bachelor's degree or equivalent additional work experience
ITIL Foundations certified or successful completion within 90 days of starting

Technical Competency -

A solid understanding of security priorities and concepts
Technical knowledge of mainstream operating systems, complex applications, identity and access management technologies, security information and event management, or endpoint security solutions.

Occupational Personality -

You’ll interact with NW Natural's personnel at various levels to understand business imperatives.
Strong technical communication skills will be key to your success. Your written and verbal communication skills will help you succeed, as will your ability to communicate security concepts and situations to audiences with varying levels of familiarity with these concepts.
Leadership abilities with the capability to direct other technical staff on security initiatives and guide team members
You’ll get to work with minimal supervision. Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
Your ability to manage expectations appropriately will help and build long-term relationships.
You’ll remain current with industry trends and evolving threats.



What we offer:

Work Life Balance -

Up to 21 Vacation Sick Time Days
11 paid holiday which includes 3 floating holidays.
Flexible work arrangements
3 weeks paid parental leave
1500 Sq foot exercise facility, onsite yoga classes, massage, and secure bike room.

Financial -

Meaningful Annual Incentive Bonus Opportunity in addition to base salary
Generous 401K company contribution and match.
15% Discount on ESPP
Up to $5250 a year in tuition reimbursement

Discounts -

20% off natural gas service
Up to 30% discount at NW Natural Appliance Center
TRI Met Pass for all HQ employees
Generous discounts with Verizon & AT&T Wireless