IT Security Engineer

Protect Critical Infrastructure. Defend What Matters.
Full-Time Exempt | Mid to Senior Level | Growth Opportunity 

Cyber threats are evolving. Critical infrastructure is increasingly targeted. At Benton PUD, security isn’t just an IT function — it’s a public trust.

We are looking for a highly motivated, technically elite IT Security Engineer who is passionate about cybersecurity, IT/OT environments, network architecture, and physical security systems. This is a leadership-level role responsible for safeguarding essential services that power and support our community.

This is more than a job — it’s a mission. You’ll work alongside professionals who care deeply about protecting essential services and strengthening infrastructure that thousands rely on every day.

If you’re a security professional who thrives on challenge, takes ownership of risk mitigation, and wants to help keep Benton PUD safe from emerging threats — we encourage you to apply.

Join us. Protect what powers our community.

The successful candidate will be placed appropriate to their education, experience and ability to perform the specific position accountabilities.

Range for IT Security Engineer II:
$94,644 to $135,206 (Hiring Target Range is $94,644 to $112,672)
Range for IT Security Engineer III:
$114,520 to $163,600 (Hiring Target Range is $114,520 to $136,333)
 

Position Purpose/Summary

The primary purpose of this position is to support or lead the District’s cyber and physical security programs with a strong emphasis on Cybersecurity.  This role is responsible for designing, implementing, and maintaining secure architectures that protect Benton PUD’s IT, OT, and physical infrastructure. The IT Security Engineer II or III serves as a technical authority for enterprise security systems, ensuring resiliency, compliance, and risk reduction across digital and physical environments, including substations, facilities, networks, systems, and critical infrastructure; developing and carrying out information and physical security plans and policies.

 

Accountabilities:

  1. Support the District’s mission to serve our customers and foster a positive workplace by personally choosing behavior aligned with our values and ethical code.
  2. Monitor, audit, and execute security controls and tools to maintain network security by identifying potential security issues, including performing network security threat/impact assessments and scans, recommending security measures, installing and monitoring security devices, and installing patches and updates as needed; lead mitigation efforts to remediate discovered security deficiencies.
  3. Manage the risk of security exposure or compromise within District systems by providing awareness training on information security standards, policies and best practices.
  4. Participate as a key member of the Security Incident Response Team by leading investigations and incident response activities, ensuring the IR plan is followed and liaising with external support entities such as E-ISAC, DHS, PURMS, etc., as appropriate.
  5. Provide guidance and recommendations to ensure the security and resiliency of the converged IT/OT and physical security systems.
  6. Ensure a resilient network infrastructure by supporting implementation and securing design principles in network infrastructure and helping establish and verify secure network components and secure communications channels as per design.  
  7. Establish and maintain logging, monitoring, alerting, and threat-hunting capabilities across cyber and physical security platforms. Monitor and respond to notifications or indications of compromise.
  8. Ensure resiliency of secure network authentication and access by supporting design and implementing appropriate encrypted communication methods.
  9. Develop, review and assist the CISO with standards and policies for cybersecurity practices in both IT and OT environments, working closely with other stakeholders and groups to build out best practices and manageable criteria for increasing security posture.
  10. Oversee and technically manage enterprise physical security systems including access control systems (ACS), surveillance cameras, intrusion detection, duress/panic systems, and emergency notification platforms.
  11. Ensure the District achieves and maintains mandated compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), NERC CIP, and PCI-DSS by supporting implementation of a comprehensive network security architecture and adhering to internal District security policies.
  12. Perform vulnerability assessments, security risk assessments, system audits and penetration testing activities to test and audit existing or proposed systems, networks, functions or software; recommend changes in identified design gaps; and lead remediation or mitigation efforts.
  13. Guide program improvement by performing annual security posture assessment and developing tasks and plans to increase posture based on findings and focus areas.
  14. Respond to security threats and alerts during and after hours for the purpose of resolving immediate security concerns.
  15. Oversee security-related incident reporting and response, conduct after-action review, direct investigations of all security-related incidents; demonstrate sound judgement in working with federal, state, and local law enforcement for potential criminal investigations.
  16. Collaborate with internal departments, utilities, vendors, and external agencies to enhance overall security posture and resilience.
  17. Complete special projects and other duties as assigned to meet team, department and organization goals.

Level III Additional Accountabilities

  1. Lead District efforts to achieve and maintain mandated compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), NERC CIP, and PCI-DSS by designing and implementing a comprehensive network security architecture and adhering to internal District security policies.
  2. Perform or lead vulnerability assessments, security risk assessments, system audits and penetration testing activities to test and audit existing or proposed systems, networks, functions or software; recommend changes in identified design gaps; and lead remediation or mitigation efforts.
  3. Guide program improvement by leading annual security posture assessment and developing tasks and plans to increase posture based on findings and focus areas.
  4. Lead investigations regarding suspected malware or phishing attacks and follow digital forensics best practices when handling potential evidence or sensitive information whose integrity must be maintained.
  5. Respond to security threats and alerts during and after hours for the purpose of resolving immediate security concerns.

 

Minimum Qualifications, Experience and Certifications:

Education and Experience:
Required:

IT Security Engineer II
 

  • BA/BS – Computer Science, Cyber Security or related field
  • 3 to 4 years of experience in implementation, theory and troubleshooting as a security engineer with a strong networking background.


IT Security Engineer III
 

  • BA/BS – Computer Science, Cyber Security or related field
  • 5 to 7 years of experience in implementation, theory and troubleshooting as a security engineer with a strong networking background.


Education Substitution:
BA/BS is preferred; however, substitution is allowed for those with an approved job-related certification and at least an AA degree, with two (2) additional years of directly related experience.

Licensing or Certifications:
Preferred:
Certifications in 1 or more of the following: Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Cisco Certified CyberOps Associate (CCNA), Certified Information Systems Security Professional (CISSP).

Knowledge, Skills and Abilities:
 

Cybersecurity & IT/OT

  • In-depth knowledge in server operating systems (Linux, Windows)
  • In-depth experience with security testing (DoS, XSRF, XSS, Brute Force)
  • In-depth knowledge of a SIEM application
  • In-depth knowledge of Network Management Software and Monitoring Tools 
  • In-depth knowledge of Data Loss Prevention, Intrusion Detection and Intrusion Prevention
  • In-depth knowledge of Automated security testing software
  • In-depth knowledge of Forensic investigation and analysis

Network

  • Experience with network protocols and architectures (TCP/IP, VLANs, routing protocols, DNS, DHCP).
  • Experience configuring, maintaining, and securing enterprise networking equipment and firewalls.

Physical Security 

  • Knowledge of electronic and mechanical physical security systems, including access control, video surveillance, intrusion detection, and audit logging.
  • Experience integrating physical security platforms with IT and cybersecurity monitoring systems.
  • Knowledge of risk, vulnerability, and threat assessment methodologies.

 

General

  • Strong problem-solving skills to effectively research, investigate and offer solutions to issues that are more complex and difficult in nature
  • Good verbal and written communication skills with the ability to communicate security-related concepts to a broad range of technical and non-technical staff to include leadership
  • Ability to stay current with technology and apply training and experience to real world problems
  • Highly motivated and independent strategist capable of creating and implementing comprehensive security policies

 

ADA Requirement:

  • Attendance: Consistent need to attend work at the job site or work location. Frequent or constant need for punctuality.
  • Physical Effort: Almost all of the time is spent sitting in the same position or standing/walking, or there is some requirement to lift or handle material or equipment of moderate weight (8 - 20 pounds, sometimes more).
  • Environment: Located in a comfortable indoor area.  Any unpleasant conditions would be infrequent and not objectionable.
  • Hazards: Most of the time is spent in general office or equivalent conditions.
  • Sensory Attention: Typically requires regular use of one or more senses of medium intensity and long duration.
  • Job Pressure/Deadline Orientation: Must meet reasonable deadlines, quotas or demands for accuracy and/or may be involved in some mildly unpleasant situations.