LS Power Development, LLC

Senior, OT Cyber Security Engineer (SPLUNK experience needed)

Job Locations: US-TX-Austin
ID: 2024-1563
Category: LSP GRID
Type: Full Time

Overview

About us:

Founded in 1990, LS Power is a premier development, investment, and operating company focused on the North American power and energy infrastructure sector, with leading platforms across generation, transmission and energy transition solutions. Since inception, LS Power has developed or acquired over 47,000 MW of power generation, including utility-scale solar, wind, hydro, battery energy storage, and natural gas-fired facilities. Through LS Power Grid, the Firm has built and operates approximately 780 miles of high-voltage transmission and has another 350+ miles and multiple grid infrastructure projects currently under construction or development. Across its efforts, LS Power actively invests in and scales businesses that are accelerating the energy transition, including electric vehicle charging, demand response, microgrids, renewable fuels and waste-to-energy platforms. Over the years, LS Power has raised $54 billion in debt and equity capital to support North American infrastructure.

Our Purpose, Mission, & Values:

Our Purpose is to solve complex energy problems that improve the world.

Our Mission is to make lives better by developing a cleaner and more reliable energy ecosystem.

Our Values are the willingness to participate in and help strengthen our culture of Integrity, Innovation, Teamwork, and Taking Ownership.

Our people create value and are our most valuable asset. We take our values of Integrity, Innovation, Teamwork, and Taking Ownership seriously and ask candidates to think about how they can help us further enhance our culture with their specific skillsets, capabilities and experiences.

Benefits

We provide our team the opportunity to share their unique perspectives, solve new challenges, and continue in their career growth. We are committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits that include 100% employer-paid premium healthcare, paid parental leave and more.

About the Role

This position will function as a Senior OT Cyber Security Engineer with a primary focus on managing Splunk, including the front and back end. This position works with Operations Technology (OT) and critical control center OT systems. Functioning at a senior engineer/administrator level, this individual will be responsible for effective provisioning, installation/configuration, operation and maintenance of systems hardware and software and related infrastructure in the OT security stack. The Senior OT Cyber Security Engineer will ensure that system hardware, operating systems, applications, appliances and related procedures support the organizational mission of providing uncompromising security while maintaining the highest levels of reliable service. In this role, the candidate will serve as the primary SME for Splunk and provide technical expertise for a suite of products used to maintain security and NERC CIP compliance. Specifically, the position will be responsible for supporting maturity and maintenance of tools including logging, alerting, configuration monitoring, vulnerability assessment, asset inventory, and change management solutions. The role is also primarily responsible for ensuring security solutions are functioning as expected and for maintaining accurate documentation related to critical cyber assets. The individual will operate in a cross-functional capacity, working closely with engineers, operators, technicians, vendors and other OT team members.

Responsibilities

What you will do... 

  • Communicate with system owners and stakeholders to configure log ingest and achieve event logging (EL) compliance according to NERC-CIP requirements.
  • Map system logs to NERC-CIP compliance requirements to support dashboarding compliance metrics.
  • Set up Splunk forwarding for new application tiers introduced into the environment.
  • Identify bad searches/dashboards and implement solutions to improve performance.
  • Troubleshoot Splunk performance issues.
  • Monitor the Splunk infrastructure for capacity planning and optimization.
  • Troubleshoot log feeds, field extractions, search time, etc.
  • Manage the Linux environment.
  • Create alerts, dashboards, objects, and integrations.
  • Update applications, servers, and related components to ensure the tool is always on the most secure version.
  • Implement solutions using Splunk search language (SPL) and Splunk architecture.
  • Utilize at least one scripting or programming language for integrations and automation.
  • Configure Splunk User Behavior Analytics.
  • Configure Splunk Phantom.
  • Leverage subject matter expertise in security engineering and system security integration for security risk management.
  • Support change management processes to ensure no adverse impact on dependent security controls.
  • Provide engineering support for log data ingestion automation and ensure its performance.
  • Develop and maintain hardening guides, security baselines, and standards that comply with NERC-CIP guidelines.
  • Provide technical support to the incident response team on incident response and forensic investigations.
  • Act as a liaison and coordinate activities with other support contractors and external security service providers.
  • Develop, maintain, and recommend enhancements to documentation, including SOPs, job aids, application checklists, and guidance documents.
  • Facilitate and implement approved changes for system upgrades and new services.
  • Perform implementation, administration, operations and maintenance, optimization, and integration of cybersecurity tools, technologies, and services.

Qualifications

We want you on our team because you have a growth mindset, are curious and passionate about technologies, and enjoy challenging projects.

Ideally you also have...

  • 5+ years of Splunk administration experience.
  • 5+ years of experience performing functions and responsibilities related to security operations, maintenance and maturity of enterprise cybersecurity tools.
  • Splunk Enterprise Core Consultant, Certified Architect, or Splunk Cloud Certified Admin.
  • 5+ years of demonstrated experience with Python, Java, Unix Shell Scripts, C, C++, etc.
  • Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering or, in lieu of a degree, 8 years of IT experience.
  • Security+, CISSP, CISA, or GIAC certification, or equivalent.
