Cyber Security Identity Access Management Coordinator

The Cyber Security Coordinator is responsible for supporting components of GSOC's physical and Cyber Security and compliance programs. These programs include the following functional areas: asset management; Access Management; change management; vulnerability management; threat intelligence; incident management; and information protection. These programs are developed and implemented to protect critical infrastructure. The Cyber Security Coordinator acts as the primary role for physical, electronic, and informational CIP access authorization requests, provisioning, and revocations and supports other activities for the CIP Access Management program.

To perform this essential function, the Cyber Security Coordinator must demonstrate a high degree of organizational, time management, and written and oral communications skills and must have the ability to learn and adapt to quickly changing technologies, procedures, to ensure that the organization meets compliance and security requirements. The Cyber Security Coordinator will interface with key stakeholders across various business units within GSOC and the FOC including but not limited to: Human Resources, Department Managers, Contracts/Procurement, Security Engineering, as well as external entities including Georgia Power, the Member EMCs, vendors, and contractors.

Demonstrates an understanding of the NERC CIP Standards and provides general administrative support for documentation updates and evidence collection in support of the compliance program. This position completes periodic reports and data requests, in support of FERC, NERC, and SERC audits as well as to support GSOC CIP program requirements.

Job Duties:

• Facilitate processing of access authorization requests and revocations in support of the CIP compliance program. Understand and support provisioning of user accounts, roles, and permissions. Provide direction to stakeholders on CIP Access Management program and processes. Participate in annual and quarterly access reviews. Provides input for process improvements to the Access Management program and processes and supports the timely review and update of associated program documentation.
• Assist with documentation of threat intelligence alerts and notifications as well as incident response activities.
• Assist with asset management activities including documentation for asset commissioning and decommissioning activities, annual audits, and inventory processes.
• Maintain awareness of Cyber Security program documentation, including policies, procedures, standards, guidelines, articles, and other documentation. Maintain and organize the Security Operations' SharePoint sites and files.
• Stay up to date with the latest security trends, technologies, and regulatory requirements. Coordinate cybersecurity training materials for associates and our member EMCs.
• Assist with the cyber and compliance metrics collection and reporting related to Access Management.

Required Qualifications:

Education: Bachelor's degree in Cyber Security, Computer Science or Engineering, Information Technology, or a related field

Experience: Requires 0-2 years of experience in an industrial control systems environment, information technology, information security, or related role. Preferred experience with Active Directory managing user accounts and permissions.

Equivalent Experience: Associates degree in Information Systems, Computer Science, Engineering, or related field with 2 or more years of experience in an industrial control systems environment, information technology, or information security role. High school diploma with 4 or more years of experience in an industrial control systems environment, information technology, or information security role.

Licenses, Certifications, and/or Registrations: Certifications in Cyber Security, Information Systems, or Network Security are a plus.

Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Capability to provide leadership over implementation of processes. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.

Travel: 0 - 5%

Unusual Hours: Occasional evening and weekend work may be required, to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed.

Georgia System Operations Corporation is an Equal Employment Opportunity Employer, including veterans and disabled. We are a drug-free workplace. All applicants are subject to substance abuse testing.