Operational Technology Network Analyst Senior

City of Gainesville•Gainesville, FL

14h•$68,973 - $111,481

About The Position

This position is responsible for the administration, lifecycle management, and monitoring of virtual infrastructure, OT system platforms, disaster recovery capabilities, and supporting endpoint and security controls within critical utility environments. The ideal candidate will have hands-on experience supporting OT system platforms, virtualization technologies, and industrial protocols, with an understanding of Purdue model segmentation and how system placement and dependencies impact reliability and security. This role works collaboratively with IT, operations, and compliance teams to deliver stable, secure, and audit-ready OT system services, and plays a key role in supporting the overall reliability, recoverability, and compliance posture of the utility’s OT infrastructure. Multiple candidates may be hired as a result of this recruitment. Positions may be underfilled or overfilled based on the qualifications of the selected candidate(s). An eligibility list may be established and used to fill future vacancies. This position performs advanced, complex technical and analytical work to support a robust multi-facility SmartGrid environment. Work is performed on-site and off-site in a secure, monitored environment 24/7/365. This role supports the reliability, cybersecurity, and regulatory compliance of the bulk electric system, real-time operational systems including SCADA, ICCP, virtualization, and secure communication paths necessary to deliver energy services. Work requires a key technical expert supporting design, security, administration and optimization of Operational Technology and systems supporting critical infrastructure. This position requires exceptional expertise in network engineering, system administration and cybersecurity within an energy utility or critical infrastructure environment. The incumbent will lead high-impact projects, improve system resilience, and drive adherence to compliance with NERC CIP, NIST and other industry standards while working under minimal supervision. Work in this class is distinguished from higher classes by its lack of supervisory and design responsibility, and from lower classes by its advanced technical and analytical knowledge and skill in communication/data networks, virtual infrastructure and system security monitoring software.

Requirements

Bachelor's degree from an accredited four-year college or university with major course work in computer science, information systems, network engineering, cybersecurity or related field; and four (4) years of experience in at least two of the following areas of: data communications, computer networks/systems/security, communication projects or an Associate degree and six (6) years of experience in at least two of the following areas of: data communications, computer networks/systems/security, communication projects, or an equivalent combination of education, training and experience which provides the required knowledge, skills and abilities.
A valid Florida Driver License is required at time of appointment and at all times while employed in this classification.
Firewall certification, Security+ for network knowledge.
Microsoft Certified: Azure Administrator Associate, Virtualization certification, or Linux LPIC for system expertise.
GIAC Global Industrial Cyber Security Professional (GICSP) or ISA/IEC 62443 for OT security knowledge.
ITIL Certification for process management.
Working knowledge of OT protocols (ICCP, DNP3, Modbus, OPC) and other industrial communication standards.
Proficiency in firewalls, IDS/IPS, SIEM, and access control strategies for critical infrastructure.
Strong virtualization experience with virtualized OT environments.
Leadership and process management skills to drive OT initiatives and mentor new employees.
Ability to analyze and mitigate cyber threats in OT environment.
Ability, experience and willingness to observe all proper and safe work practices and use of tools, communication and testing equipment to ensure the safety of systems, hardware, self and others.
Ability, experience and willingness to work without direct supervision and to creatively and effectively solve system and hardware issues.
Ability, experience and willingness to work effectively with coworkers and the general public.
Ability and experience to maintain a high level of integrity when dealing with customers and systems to instill trust and to maintain security.
Ability, experience and willingness to communicate effectively, both orally and in writing, with customers, coworkers, supervisors and managers.
Ability, experience and willingness to stay current on all software and hardware systems to ensure ability to maintain system integrity and security, as well as the ability to resolve issues.
Ability and experience to lead, coordinate and participate in key process improvements as they relate to the multi-facility network environment.
Knowledge of principles and processes for providing customer service which includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.
Knowledge of relevant equipment, policies, procedures, and strategies to promote effective local security operations for the protection of people, data, and property.
Work requires physical strength and agility to safely perform all essential job functions .
Must be able to perform sedentary work on an uninterrupted basis.

Responsibilities

Design, implement, and optimize high-availability network architecture (LAN, WAN, VLAN, SD-WAN, and wireless), firewalls, VPNs, intrusion detection systems (IDS/IPS), and segmentation strategies to secure OT environments and maintain real-time communications.
Communicates network security policies and procedures required for regulatory compliance, to end users, control room operators and remote facility staff.
Design, install, configure, administer, monitor and optimize server infrastructure, including redundant and highly available virtualized environments, cloud-based solutions, Windows and Linux servers, databases, and storage supporting SCADA and other OT applications in a Critical Infrastructure Protection (CIP) environment.
Creates, maintains, removes and audits physical and electronic access to NERC CIP environments.
Utilize regulatory and industry standards, frameworks (NERC CIP, NIST 800-53, and DOE C2M2), to identify capabilities and technologies needed to provide enhanced cyber defenses.
Conduct penetration tests, vulnerability scans, risk assessments, and regular audits to protect OT assets and provide recommendations and plans to mitigate identified concerns.
Lead the development, execution and testing of incident response (IR), disaster recovery (DR) and business continuity (BCP) plans.
Provide subject matter expertise during cyber incidents, response and remediation.
Work closely with System Control, SCADA Engineers, IT Security, and external vendors to implement secure, scalable solutions.
Develops and follows processes and procedures for network systems change management, configuration control, preventative maintenance, access control in accordance with GRU documented policies and the NERC Critical Infrastructure Protection (CIP) requirements.
Participates in Operational Technology (OT) feasibility studies, capacity planning, performance analysis and fine-tuning, new technology evaluation, new systems and applications technical requirements specifications and review.
Conducts research on emerging products, services, protocols, and standards in support of network component procurement, enhancements and development efforts.
Performs cost-benefit and return-on-investment analyses for proposed network components to aid management in making implementation decisions.
Performs other related duties as assigned.
Attends required on-the-job or coursework training.
Attends work on a continuous and regular basis.
Drives to remote locations.