NW Natural

Information Security Specialist (Industrial Control System) 

Non-Union Position

IS Security & Analytics Staff 1; Portland, Oregon (US-OR) 

Hybrid schedule available for Oregon & Washington residents. 

Regular FT 

Posting # 4767 

About Us:

At NW Natural, we offer more than rewarding career opportunities and a vibrant, inclusive work culture. We invite you to join us in providing safe and reliable utility services and renewable energy to better the lives of the communities we serve. Our vision is to be the leader in service excellence, innovation and environmental stewardship for our customers, while building on our strengths as a trusted energy provider and environmental leader for our industry. 

In addition to environmental stewardship, We’re also deeply committed to Diversity, Equity and Inclusion at NW Natural. Our DEI Council started 21 years ago, and today we continue to foster a culture where all employees can experience a sense of belonging, shared purpose and possibility.

The Role:

You’ll be a member of the Security Operations Team and collaborate with our teams at plants and in control rooms as we enhance an Industrial Control System (ICS) security program. Your responsibilities would include people, process, and technology. This is a key role in a technology organization maturing its processes and modernizing its technology.

You would understand security in the context of operation priorities and constraints by working closely with Operations staff and translate between operations staff and security team members. To be successful, this role will partner with operations to achieve their goals, not focusing exclusively on security but balancing operational and security needs.

This position will be based at our office in downtown Portland, but you'll also travel to our storage facilities in western Oregon.

IT&S Cultural Pillars 

Our Core Values are in everything we do, we expect everyone to embody the Information Technology & Services department’s four cultural pillars…

Accountability & Integrity 

We hold ourselves to a high standard and follow through on our commitments. Our transparency, and ability to deliver on our promises make us a trusted and respected business partner.

Customer Focus 

We understand our customers’ needs and advocate for them. Our relationship with our customers ensures the technical needs of the business are met.

Growth & Learning 

We embrace new technology and skills to better meet the company’s needs. Our passion for new technology keeps us ahead of future opportunities for the business.

Respect 

We relate with inclusion, kindness, curiosity, and humility. Respect for differences leads to innovation and collaboration.

Day to Day:

Security Consulting:

• You (with support from the security team and operations teams) would continue to develop and lead our ICS security program:
• Research, evaluate, design, test, recommend, and plan new or updated security technologies.
• Take operations requirements into account when considering security measures.
• Collaborate on projects with Operational staff and vendors to ensure that security issues are addressed throughout the project lifecycle.
• Review system designs and identify areas for security improvements.
• Provide ad hoc consulting on tactical security topics.
• Develop and revise cybersecurity policies and standards.

Vulnerability Management:

• Assess and track vulnerabilities in our industrial control systems.
• Work with Operational staff to remediate vulnerabilities. 

Security Awareness and Training:

• Partner with Operational staff to improve their understanding of the risks associated with security threats to industrial control systems.

Security Monitoring and Incident Response:

• Review alerts from security monitoring tools (including alerts generated from non-industrial control systems).
• Respond to security incidents including leading the response for smaller incidents.
• Apply NW Natural context to potential incidents to better understand them.
• Liaise between incident response leads and subject matter experts.
• Research and assess new threats and vulnerabilities.
• Develop and report on key performance indicators to show the effectiveness of our ICS security monitoring processes.

While the security monitoring and incident response responsibilities mean that there is an afterhours component to this role, typically it is less than one hour per week.

General:

• Evaluate security risks and their impact to NW Natural.
• Create technical documentation for other analysts and teams.

Come on your first day with:

• Minimum three years IT, industrial control systems, or information security experience. Additional years of experience and demonstrated knowledge and complexity of assignments or experience required for level 3. 
• Bachelor's degree or equivalent additional work experience.
• ITIL Foundations certified or successful completion within 90 days of starting.
• A valid driver's license with evidence of a safe driving record is required.

Technical Competency:

• A solid understanding of security priorities and concepts.
• Experience with manufacturing IT, Operational Technologies (OT), or Industrial Control System (ICS) environments.
• Understanding of common OT network protocols, vendors, devices, and applications.
• Demonstrated experience working with PLCs, DCS’, SIS’, HMIs, or SCADA systems.

Occupational Personality:

• You’ll interact with NW Natural's personnel at various levels to understand business imperatives.
• Strong technical communication skills will be key to your success. Your written and verbal communication skills will help you succeed, as will your ability to communicate security concepts and situations to audiences with varying levels of familiarity with these concepts.
• Leadership abilities with the capability to direct other technical staff on security initiatives and guide team members.
• You’ll get to work with minimal supervision. Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Your ability to manage expectations appropriately will help and build long-term relationships.
• You’ll remain current with industry trends and evolving threats.

What we offer:

Health & Wellness –

• Rich health insurance benefits with competitive employer contribution
• Free access to an online wellness resources platform 

Work Life Balance -

• Up to 23 Vacation Days 
• 80 Hours of Sick Time 
• 10 paid holidays and 3 floating holidays
• Flexible work arrangements 
• 3 weeks paid parental leave
• Green Team / Diversity, Equity & Inclusion Council / Safety Team / Women’s Network and many other Employee Resource Groups
• 1500 sq foot exercise facility and secure bike room 

Financial -

• Meaningful annual incentive bonus opportunity in addition to base salary
• Competitive 401K company contribution and match 
• 15% discount on NW Natural stock through Employee Stock Purchase Program
• Up to $5250 a year in tuition reimbursement 
• Wellness incentive program 

Discounts -

• 20% off natural gas service 
• Up to 30% discount at NW Natural Appliance Center
• TriMet Pass for all HQ employees
• Generous discounts with Verizon & AT&T Wireless 

Base salary range: $83,850.00 - $119,450.00 (Level 2) or $104,250.00 - $148,550.00 (Level 3) per year, depending on qualifications

Annual Target Incentive: Level 2, 9.5% target

Level 3, 12.0% target

Targets are calculated using eligible earnings during plan year participation. Payout, if earned, is based on company and individual performance for each plan year and may range from 0% – 200% of target. Targets are subject to change in subsequent plan years. Must be employed by September 30 in order to receive any prorated payout. 

Application Process: To be considered for this position, submit a complete electronic application including cover letter and resume via our website.

https://www.nwnatural.com/about-us/the-company/careers

Deadline: 3/19/24

Disclosure: We are a drug free workplace and we comply with Federal Drug Free Workplace Act and Department of Transportation regulations. 

All applications must be submitted through NW Natural’s Electronic Application System. Resumes submitted via email, fax or mail will not be accepted in lieu of an electronic application.

NW Natural is proud to be an equal opportunity employer. We welcome and embrace our candidates’ diversity and take affirmative action to employ and advance individuals without discrimination on the basis of race, color, sex, gender identity or expression, sexual orientation, religion, age, physical or mental disability, veteran status, pregnancy (including childbirth or related medical conditions), national origin, marital status, genetic information, and all other legally protected characteristics. We forbid discrimination and harassment in the workplace based on any protected status or characteristic. A criminal history is not an automatic bar to employment with NW Natural. Instead, we make individualized assessments regarding qualifications and backgrounds. NW Natural is also committed to providing reasonable accommodations for individuals with disabilities, individuals with sincerely held religious beliefs, and disabled veterans in our job application procedures. If you need assistance or an accommodation as part of the application process, please contact us at employment@nwnatural.com or (971) 979-6341.

NW Natural does not accept unsolicited submissions or assistance from search firms for posted positions. Resumes submitted by search firms working under a valid and current written contract with NW Natural valid written Statement of Work in place for this position from NW Natural HR/Employment will be deemed the sole property of NW Natural. No fee will be paid in the event the candidate is hired by NW Natural as a result of the referral or through other means.

Read Full Description