Information System Security Engineer III
Specialty: Access Control & Monitoring Business Systems Analysis
This position is located within Bonneville Power Administration's Information Technology, Software Development organization (JS), which supports the Physical Access Control and Monitoring (PAC&M) Team. This position plays an integral role in the research and development of current and new systems used for access control and video monitoring of critical infrastructure. The Security Engineer will lead and facilitate gathering of information to document current state, evaluate alternatives and future state design and implementation plans. The position is located in Portland, Oregon and will work closely with organizations across the agency. There is a possibility the position will move to Vancouver, Washington within the year.
Responsibilities include but not limited to:
Serve as a project team lead for effort to design, engineer and implement new access control and monitoring technologies and solutions Produce initial design concepts incorporating industry best practices and compliance requirements as defined by BPA, DOE, DHS and NERC. Install, configure, troubleshoot, and administer security system applications such as access control administration software, DVR/NVR, digital cameras, and remote management within parameters set forth by PACS information system owner (ISO) and authorized designees. Provide leadership and subject matter expertise to the PAC&M team. Coordinate PAC&M tasks between business and technical units and provide mentorship to backup personnel. Plan, design and lead prototyping sessions, corporate demonstrations and requirements gathering meetings. Perform fit gap analysis and propose implementation approaches. Provide "Best Practices" advice on using the delivered functionalities Actively engage with impacted organizations and IT teams to properly understand business needs, dependencies on other pending initiatives, and effectively deploy solution(s). Decompose high-level information into details and abstract up from low-level information to resolve solution vs. requirements conflicts. Negotiate priorities and resolve requirement conflicts among various stakeholders Research new and emerging techniques to determine their applicability for support of the needs of operations. Present demonstrations of emerging technologies to acquaint BPA staff with capabilities and applicability to business solutions. Develop and implement configuration management plans for secure, complex environment. Perform thorough assessment of existing security roles and permission lists to provide recommendations for improvement. Assist team with proper security, storage, transportation, and participate in physical inventory count processes of equipment as requested. Provide cross training and functional documentation for all assigned technology efforts. Test and document new IP based security hardware and software. Install, and upgrade system software, client hardware and components as necessary. Execute authorized procedures to analyze, diagnose and resolve system trouble conditions during normal and after hours to ensure operational status in a timely manner. Monitor and troubleshoot application and server/host communications and system performance issues in coordination with Network services. Perform and/or coordinate activities to ensure adherence to internal quality assurance standards on all implementations of varying size and complexity involving multiple vendors, contractors and internal stakeholders. Work with other IT personnel and authorized vendors to execute approved preventive maintenance and perform performance testing.
10+ years of experience in Computing/Software/Information Technology is required Undergraduate college Degree in Computer Technology or related field is preferred, or in lieu of degree, an equivalent of 5 additional years' experience (15+ years total experience) in Computer Technology or related field is required. Past experience must include work in hands-on technical implementation of networks and systems. 5+ years of experience in engineering of technology systems, including demonstrated experience evaluating various different technical, operational and management solutions to security problems, using written language and various media to present alternatives and recommendations. 3+ years of experience in physical security system support is required, including experience effectively performing security control implementation on networks, servers and systems and/or vulnerability assessments. Strong desktop support/troubleshooting experience of security hardware, software, peripheral devices and networking equipment is required. Work experience must also include demonstrated analyst experience using technical product life cycle concepts and requirements engineering. Should also include experience developing new infrastructures utilizing emerging technology
Demonstrated skill in facilitation, technical interviewing, negotiation, written communication, presentation and technology management. Ability to work with a diverse group across business units to elicit both technical and business requirements is a must. Advanced understanding of server Operating Systems (Windows 2003 and above) Advanced understanding of network topologies Advanced knowledge of Security systems hardware, Access Control software, and CCTV/DVR/NVR systems. Advanced understanding of firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) Advanced experience gathering and analyzing user requirements, performing fit/gap analysis, and developing prototypes. Knowledge of National Energy Reliability Corporation - Critical Infrastructure Protection (NERC/CIP) standards Knowledge of and experience implementing government physical access control system (PACS) standards including HSPD-12 and FIPS-201 Knowledge of LAN and WAN development principles and methods Knowledge of cable terminations, installation of cables such as copper, fiber, 15 pr, CAT 5/6. Knowledge of Ports and Protocols, EIGRP, OSPF, Spanning-Tree, VLANs, ACLs, etc. Knowledge of network architecture principles and concepts and network management tools Knowledge of Packet capture, bandwidth testing and cable testing tools such as Wireshark, Fluke. p Strong understanding of project management concepts and methodologies
DEA is proud to be an AA/EEO employer and all qualified candidates will receive consideration without regard to characteristics protected by applicable local, state or federal law, such as race, color, sex, age, religion, national origin, physical or mental disability, pregnancy, marital status, veteran or military status, genetic information or sexual orientation.
About David Evans and Associates
Since its founding in 1976 in Portland, Ore., DEA has become a recognized leader for progressive and sustainable design and management solutions for complex transportation, land development, energy, and water resources projects nationwide. The firm has over 25 offices in seven states and employs nearly 1,100. Its staff includes professional engineers, surveyors, planners, landscape architects, and natural resources scientists. DEA is an employee-owned corporation and consistently ranks among Engineering News Record's Top 100 Pure Design firms in the U.S. DEA and its staff are committed to improving the quality of life, while demonstrating stewardship of the built and natural environments.