Dominion Energy Cyber Security Specialist-Advanced Penetration Testing (Columbia, SC or Richmond, VA) in Cayce, United States
Cyber Security Specialist-Advanced Penetration Testing (Columbia, SC or Richmond, VA)
Date: Oct 2, 2021
Location: Cayce, SC, US, 29033-3712
Company: Dominion Energy
At Dominion Energy we love our jobs. That’s right. Love. Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate. These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever. We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent? Do you think differently? Do you want to fall in love with your job? If you answered “yes,” then read on!
At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.
This position does not offer relocation assistance.
This position can be located in either Richmond, VA or Columbia, SC.
This is not your typical cyber role. We’re looking for an experienced team member who can work both independently and collaboratively to outsmart the best cyber criminals and nation state attackers in the world. Here are the details:
This is a senior cyber security role, performing more complex cyber security activities, working closely with IT partners to enhance and validate the cyber security posture of Enterprise IT environments through penetration testing, manual vulnerability assessments, validation of monitoring and detection capabilities, reporting, and the development of recommendations.
Specific job responsibilities include:
Perform reconnaissance and research activities to determine internally and externally available information that can be used to facilitate unauthorized access to enterprise environments. Perform product and technology research to understand application and network topologies, communication requirements, documented and undisclosed susceptibilities, and potential exploit mechanisms.
Perform manual vulnerability assessments utilizing a variety of software tools and techniques to discover available information and access paths into environments.
Evaluate the effectiveness of security controls and defenses and determines optimum defenses against such activities.
Work closely with the Cyber Security Operations Center to facilitate the creation of use cases to detect adversarial and reconnaissance activities and enhance monitoring capabilities.
Provide written summaries of findings and documents recommended actions in both executive summaries as well as detailed technical reports for system owners and operators.
Apply considerable understanding of IT technologies, evaluation of cyber security risks and attack vectors, and develops an evolving knowledge of mitigation options to assess the current threat landscape and improve Enterprise security.
Consult with Enterprise IT subject matter experts and business representatives to provide input on cyber security decisions and establishment of cyber security policies, and to foster security awareness.
Perform other duties as requested or assigned.
Required Knowledge, Skills, Abilities & Experience
Must possess a minimum of 7-9 years of work experience in cyber security, or a cyber risk related role demonstrating a working knowledge in the identification, gathering, and analyzing of information, threats, etc. to investigate and mitigate security risks. (Note: A Master's degree will count as one year of experience. A partial year of six months or more will be rounded up to one full year).
Specific knowledge, skills, abilities and experience include:
Considerable knowledge of cyber security best practices and frameworks (ex. NIST 800-82, ANSI/ISA-62443-1-1, CIS 20, NIST Cyber Security Framework, NIST 800-53, etc.) and security controls.
Previous experience performing red team or other vulnerability assessment activities and scripting highly desirable.
Demonstrated organization and planning skills, including time management, project coordination, and project management.
Demonstrates excellent analytical, troubleshooting, and problem-solving skills, with a questioning attitude.
Demonstrated competency in verbal and written communication, with good presentation skills.
In-depth experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols is highly desired.
Highly motivated individual, with the ability to work effectively under minimal supervision in a fast-paced environment.
Excellent analytical, troubleshooting, organizational, and problem-solving skills, to include time management, project coordination, and project management.
Previous work experience with industry cyber security standards, frameworks, and risk assessment models, SIEM technologies, packet analysis & security analytics.
Must be team-oriented, placing priority on quality and the successful completion of team goals.
Demonstrated competency in developing effective solutions to business problems, with the ability to understand customer’s business needs, analyze problems and make decisions.
Demonstrated leadership of work teams or groups, with the ability to work with all levels of employees.
Ability to handle multiple deadlines and associated pressures, is a self-starter, and to work independently.
The company is actively seeking United States military veterans and service members who meet the qualifications outlined above.
- ·Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience are encouraged to apply.
Degree or an equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education: Bachelor
Disciplines: Preferred: Computer Science; Engineering; Information Systems; Information Systems Security
Other disciplines may be substituted for the preferred discipline(s) listed above.
Licenses, Certifications, or Quals Description
Security-related industry certifications desired (CISSP, GIAC, EC-Council, etc.)
Office Work Environment 76 -100%
Travel Up to 25%
Other Working Conditions
No Testing Required
Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.
We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more. To learn more about our benefits, click here
Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.
You can experience the excitement of our company – it's the difference between taking a job and starting a career.
Job Segment: Engineer, Information Systems, Computer Science, Testing, Engineering, Technology, Research
- Dominion Energy Jobs