ESSENTIAL FUNCTIONS AND RESPONSIBILITIES

• Partner with IT operational teams, such as the Cyber Security Center, OT Security team, Vulnerability Management, Endpoint Computing, IT Asset Management, and IT Operations to gather requirements and maintain a high level of data integrity and accuracy on an ongoing basis enabling their operations.
• Partner with asset owners and leaders across the enterprise to raise awareness, build support and partnership in the improvement of cyber asset data collection management across all technologies.
• Partner as the single point of contact for Information Technology to ensure that technology and systems supporting cyber asset capture and management are implemented and configured for the needs of Cybersecurity and Information Technology teams.
• Partner with Reliability Compliance teams to ensure cyber asset management strategy and implementation satisfies external compliance obligations across all regulators present and future.
• Lead delivery of cyber asset management activities identified in the strategy.
• Define and operationalize key success metrics, and implement enterprise oversight of the program, partnering with asset owners and data stewards and holding them accountable for their progress.
• Troubleshoot errors related to discovery, credentials, access, firewalls, etc. across stacks - Server, Storage, Database, and Network.
• Plan, design, deploy, and manage ServiceNow Service Discovery solutions for both On-Premises and Cloud resources; manages the Service Discovery infrastructure, including schedules, credentials, mid-servers and patterns.
• Work with IT leaders to document the process and systems for overall enterprise cyber asset management.
• Work with IT to ensure inconsistencies in cyber asset data are identified and resolved through an ongoing and sustainable process.
• Work with OT cyber asset owners across all functional areas to evaluate cyber asset data and bring focus to the highest priority data quality issues. Lead cross-functional teams that resolve asset data quality issues, with particular focus on high-risk assets used across lines of business that impact safety, resiliency, and affordability.
• Because Tri-State is an electric utility with continuous service obligations to its customers, regular, reliable, and predictable performance of the essential functions and responsibilities is an essential function of the job.
• Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job.

OTHER DUTIES/RESPONSIBILITIES

• Perform other related duties as assigned

SUCCESS FACTORS/JOB COMPETENCIES:

• Proven analytical, problem-solving and investigation abilities.
• Ability to effectively prioritize and execute tasks in high-pressure situations.
• Ability to present ideas in line-of-business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.
• Ability to analyze complex technical and business problems, meet objectives and deliverables.
• Demonstrates high quality customer-service skills when dealing with internal and external customers, business partners and others.
• Time management and multitasking skills.
• Willingness to take on impromptu tasks with loosely defined requirements.

Education and Training

• Bachelor's degree in computer science, information technology, business administration or other related area or equivalent combination of experience and education.

Knowledge, Skills, and Ability:

• Familiarity with governance and controls frameworks, such as Center for Internet Security (CIS) security controls, North American Electric Reliability CIP compliance requirements, and National Institute of Standards and Technology (NIST).
• Track record of creative problem solving, and the desire to create and build new processes.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option.
• Excellent oral and written communications skills.
• Ability to maintain effective working relationships.
• Ability to communicate and collaborate effectively with multiple stakeholders to ensure an effective CMDB.
• Ability to design and implement integrations using ServiceNow Integration Hub and custom integration using REST API etc. to enrich CMDB.
• Comprehension of the ServiceNow CSDM model.
• Knowledge of Windows and Linux server administration, Active Directory, LDAP, Single Sign-On, authentication, user and group policy objects and permission levels.
• Knowledge of IT infrastructure topology including application, server, and network configurations.
• Knowledge of scripting languages including PowerShell, XML, JSON, Javascript, etc.
• Knowledge of the management and operational use of systems monitoring tools, including SolarWinds, SIEM, Microsoft SCCM/SCOM, and integration with ServiceNow

Experience:

• Eight (8) years of IT cyber security related experience with at least one to three (1-3) years of cyber asset management experience. 1-3 years of experience implementing, administering and/or optimizing ServiceNow Discovery and additional discovery tools.
• Experience in security technologies (firewall, antivirus, intrusion detection/prevention, security information event monitoring, vulnerability scanning, data loss prevention, encryption, PKI, Identify Access Management, Rights Management Services, etc.).
• Experience with ServiceNow and ITOM configuration management database (CMDB) in an enterprise production environment.
• Experience with modifying or extending OOTB Discovery Patterns and have the ability to create custom patterns as needed.
• Experience with ServiceNow Discovery, Mid-Server architecture, credentials and patterns, identifiers and business rules
• Create and/or update Discovery related documentation on the design, development, and deploy Discovery functionality to ensure that Discovery is performing as expected for optimal CMDB data population.
• Experience in designing security/control processes, procedures and formal support documentation.
• Experience with auditor coordination and control compliance.
• Experience working in fast paced environments and ability manage workload even during times of stress or escalated activity.
• Experience in building and leading asset management functions.

Other:

• Willingness to travel for investigations, meetings and training as needed. (Must possess a valid driver's license.)

DESIRED JOB QUALIFICATIONS

One or more of the following certifications preferred:

• Certified Information Systems Security Professional (CISSP)
• Global Information Security Certification (GIAC)
• Certified Information Systems Auditor (CISA)
• ServiceNow Certified Implementation Specialist- Discovery (CIS-Discovery)
• Certified Asset Management Security Expert (CAMSE)
• Project management experience.
• Advanced Degree in a related discipline.
• Experience in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS).
• Experience in Sarbanes-Oxley (SOX) and North American Electric Reliability Corporation Critical. Infrastructure Protection (NERC CIP) compliance.
• Experience in multiple technical and business disciplines.
• Experience in designing and delivering security awareness training.

Note:The above requirements describe the experience and education qualifications for the Senior Cyber Asset Management Analyst. Those with less experience will be hired at the I, II or III job grade level.

PHYSICAL AND MENTAL DEMANDS: The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of the position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Physical demands: While performing the duties of this position, the incumbent is primarily required to sit, stand, walk, stoop, bend and frequently utilize a keyboard/computer. Specific vision abilities include close vision, peripheral vision, depth perception and the ability to adjust focus.

Mental demands: While performing the duties of this position, the incumbent will be required to problem solve, read, write and analyze data, work under schedules and deadline pressure, present information to others, work independently and use discretion and judgment for confidential or sensitive projects/issues.

Work Environment: While performing the duties of this position, the employee is exposed to an office environment indoors, and will occasionally travel outdoors to multiple locations dependent on work.