Job Details

Senior Cyber Security Operations Analyst – Vulnerability Management

Portland General Electric, Portland, Oregon

Job - Corporate/Business

Salary Range: DOE

Close Date: 10/03/2020

In this role, you will have the unique opportunity to join our Cyber Security Team! 

You will be part of the team that is responsible for enterprise security vulnerability management. This role will include: tool implementation, monitoring, security controls testing & assessments, configuration management. You will implement and analyze enterprise vulnerability activities required for security mitigation. You may have responsibility for adherence to corporate cyber security program, so we continue to mature our security program.

Key Responsibilities:

  • Information Security:  Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Investigates major breaches of security and recommends appropriate control improvements. Contributes to development of information security policy, standards and guidelines.
  • Incident Response:  Investigates suspected attacks and manages security incidents. Uses forensics where appropriate. Prioritizes and diagnoses incidents according to agreed procedures. Investigates causes of incidents and seeks resolution. Escalates unresolved incidents. Facilitates recovery, following resolution of incidents. Documents and closes resolved incidents according to agreed procedures.
  • IT Architecture:  Leads or consults with other Cyber Security Analysts to enable the correct application of operational procedures using network and security management tools to determine network load and performance statistics. Plans and implements maintenance and installation work for network and security changes and maintenance routines. Identifies and resolves operational problems. Oversees development of reports and proposals for operational improvements.
  • Applications Support:  Maintains application support processes and checks that all requests for support are dealt with according to agreed procedures. Uses application management software and tools to investigate issues, collect performance statistics and create reports.
  • Critical Infrastructure Compliance:  Determines need for, drafts and maintains the standards and procedures for compliance with relevant legislation. Makes business decisions based on that information, including the need to make changes to systems. Reviews proposals for new digital initiatives and provides analyst advice on information management, including advice on and promotion of collaborative working and assessment and management of information- related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares reviews and submits periodic compliance reports to the relevant regulatory authorities.


  • Requires a bachelor’s degree in Cyber Security, Computer Science or other Information Technology related field or equivalent experience.
  • Typically, eight or more years in information systems, computer programming, cyber security, information assurance/security or related field.

Advanced knowledge of the following Functional Competencies:

  • Principles, methods and tools for assessing vulnerabilities and developing, or recommending, appropriate mitigation countermeasures.
  • Principles, practices, methods, technology and tools for securing personnel, facilities and information.
  • Forensic investigative techniques.
  • Surveillance and counter-surveillance techniques, policies, and laws, including overt and covert methods and electronic, optical, and video surveillance methods and tools.
  • Network/LAN interfaces.

Laws, rules and regulations about Critical Infrastructure Protection (CIP).

Complete details: Click Here for complete details on this position