IT Security Engineer or Senior
Tucson Electric Power     Tucson, AZ 85701
 Posted 9 days    

About Us
UNS Energy Corporation, headquartered in Tucson, Arizona, is a subsidiary of Fortis Inc., the largest investor-owned electric and gas distribution utility in Canada. Our public utility subsidiaries, Tucson Electric Power Company, UNS Electric, Inc. and UNS Gas, Inc., power our economy by providing electric and gas service to nearly 700,000 customers in Arizona.

We embrace a spirit of giving, dedicated to improving quality of life in the communities we have served for generations, and in TEP’s case, since the 1890s. We’re building a cleaner, greener grid, with more wind and solar power than ever before, while maintaining safe, reliable, and affordable service.

Your Employer of Choice
Our culture is rooted in shared core values that define how we work and who we are. Our team of innovative professionals bring their authentic selves to work each day to power our vision and make a difference. Be Part of Our Story.

We create opportunities for employees to thrive through:

Continual growth: In an industry changing faster than ever before, our commitment to professional growth and leadership development means we never stop challenging ourselves to explore new possibilities.
Active Engagement: We support a collaborative environment, with peer-to-peer learning and employee-driven groups that foster an inclusive culture.
Total compensation: UNS Energy Corporation also offers a competitive compensation and benefits package that includes a 401k plan with a generous company match, a company-sponsored pension plan, affordable individual and family health insurance plans, tuition assistance, life insurance, long-term disability insurance and much more.
Hear from some of our employees, here and here.

Job Description - IT Security Engineer or Senior
We are seeking an IT Security Engineer who brings a balance of expertise and familiarity across various cybersecurity technologies and values collaboration and teamwork. This position is critical in protecting our critical infrastructure and our customers.

What you will do:

Gather requirements from business units and determine effective cybersecurity solutions.
Collaborate with system and network engineers to implement cybersecurity measures.
Develop and contribute to cybersecurity standards, policies, and compliance documentation.
Create Technology Requirements Documents, assess risk levels, and propose mitigation strategies.
Adapt to a dynamic work environment where every day presents new challenges.
What you bring:

Strong analytical skills and the ability to translate requirements into practical cybersecurity solutions.
Depth of knowledge in IT and cybersecurity, including enterprise IT.
Experience with on-premise systems.
Excellent communication skills and the ability to work collaboratively with stakeholders.
Experience with Operational Technology, balancing authority, or SCADA preferred.
Position Description

Responsible for the architecture, design, engineering, planning, testing, and implementation of regulatory requirements and industry-wide accepted information security principles, practices, and information systems to ensure the protection of information assets processed, stored, or transmitted at UNS Energy Corporation. Evaluate the effectiveness of information security solutions and processes in place, keeping in mind the state of world events. Monitor for and identify security risks and exposures, determine the causes of security violations, assess, and implement procedures to halt future incidents. Understand and provide assistance to system users relative to information systems security matters. Participates in a team environment that provides cost-effective IT security services to the various business units. Works closely with other areas to insure optimum reliability and cohesiveness.

Position-Related Responsibilities

Evaluate, design, implement, and support IT security systems for all data networks.
Defines and communicates security strategy, architecture, standards, and technical requirements.
Evaluates new and emerging security technologies, features, and products to determine their application in the protection of company information and assets.
Documents logical architecture of the IT security systems.
Defines and follows standards and procedures for IT security systems, their constituent devices and interfaces.
Works closely with security operations teams, in a senior level capacity, to support design of secure infrastructure. Works with cross-functional Security Incident Response Team as needed.
Performs security analysis, including architecture review, baselines, vulnerability assessments, and risk assessments to proactively identify security risks and exposures.
Monitors security events across the network and ensures alerting and resolution of security issues and threats.
Ensures change control processes are followed and service levels affected by those changes are maintained.
Works with internal and external project managers to complete projects and efforts on time.
Leads or participates in IT projects to provide information security expertise, guidance, or training.
Works with internal and external auditors to implement technical aspects of regulatory/compliance/privacy controls, such as Sarbanes-Oxley, NERC CIP, HIPAA, and PCI DSS.
Works with Human Resources and Legal to provide support for sensitive investigations or litigation holds.
Knowledge is expected in the following disciplines:
Authentication and Access Control Tools, Management and Administration
Anti-Virus, Spam and Malware Tools, Management and Administration
Application Security Architecture & Cloud Computing Concepts
Change & Security Configuration Audit and Control
Encryption Processes, Management and Administration
Firewall Management and Administration
Hardware/Software Security Testing and Evaluation
Identity and Access Management
Intrusion Detection/Prevention
Incident Response Practices and Procedures
Computer Forensic Practices and Procedures
Layer 2 and 3 routing and switching protocols (TCP/UDP, IPv4, IPv6, OSPF, etc.)
Security Information & Event Management (SIEM) and Logging
Scripting Languages, such as PowerShell or Python
VOIP Technology Security
VPN’s (Virtual Private Networks) and SSL
Vulnerability Assessment Practices/Technology (i.e. Operating Systems, Network, Application, Database, and Web)
Wireless Security Infrastructure
Security Industry Standards, such as CIS, ISO, NIST & FISMA
Regulatory Requirements of NERC CIP, SOX, HIPAA, PCI DSS and other applicable regulations
Information Security Awareness Programs and Communications
Information Security Policy and Standards
Information Security Risk Assessment
This position may provide services to affiliates of the Company subject to the UNS Energy Code of Conduct and the related Policies and Procedures.

Knowledge, Skills & Abilities

(Equivalent combination of education and experience will be considered.)

IT Security Engineer

Minimum Qualifications:

Requires industry certifications (e.g. GIAC, CISSP, CEH) or equivalent experience of seven or more years in Information Security.
Effective written and oral communication skills are required plus a willingness to learn in a rapidly changing environment.
Provide mentoring and guidance to junior members of the team.
Experience leading IT security engineering projects and initiatives.
Experience in completing projects and providing strategic direction on how the IT systems infrastructure should evolve.
Strong ability to document engineering designs in Microsoft Visio.

Preferred Qualifications:

Bachelor’s degree in Information Security, Management Information Systems, Computer Science, or related field.
Individual is considered at full proficiency in the information security field and a leader on the security team.
Works with other IS groups to ensure the understanding and coordination of effective results.
Ensures that information security standards and practices are understood and consistently applied.

Senior IT Security Engineer

Minimum Qualifications:

Requires all minimum qualifications for an IT Security Engineer.
Requires self-direction and the ability to work with vendors on creating statements of work and completing that work.
Experience leading IT security engineering projects with emphasis on project management methodologies.
Experience in creating and managing project budgets.
Experience in providing strategic direction on how the IT security infrastructure is engineered to meet business needs.
Preferred Qualifications:

Master’s degree in Information Security, Management Information Systems, Computer Science, or related field.
Eight or more years of experience in Information Security.
Visionary that is proficient at all required information security aspects and helps others to become more proficient.
Pay Rate: Competitive pay based on qualifications and experience

All job offers are contingent on successful completion of a pre-employment drug screen and background check.

  Back to All Job Opportunities

Job Details

Field of Interest

Energy & Utilities

Employment Type

Full Time

Number of openings


Related Skills:

While all employers are vetted to meet the Maricopa Guidelines, the job postings are not individually reviewed. Students should be diligent in ensuring they are applying for positions that meet their needs and are not in violation of the Maricopa guidelines.