About DCP Midstream:
DCP Midstream is the largest processor of natural gas and natural gas liquids producer ensuring the country has clean energy to warm homes, manufacture goods, and produce consumer products. We are a “must-run” company and we are committed to greater in everything we do—from operating efficiently, reliably and safely to being a responsible community partner. Headquartered in Denver, Colorado, DCP Midstream operates assets in 17 states.
The IT Security Analyst III is responsible for assisting in the development of strategies, defining roadmaps, and device administration for security related activities including compliance, governance, next generation firewalls, end point protection solutions, and all other security related work in the OT space. The incumbent will assist/lead in the design, implementation and management of information security controls.
What Will You Be Responsible For:
- Assists in the development of strategies and roadmaps to continually evolve security posture and mitigate risk in the OT space.
- Work with owners of various systems to address security related concerns including DCS, SCADA, measurement, communications, etc.
- Be actively involved with the team that stages all OT related projects ensuring security solutions are effectively developed and ultimately implemented.
- Oversee the scheduling and implementation of hardware repairs.
- Next generation firewall administration.
- End point protection administration.
- Assist in development of firewall policies and standards built upon industry best practices.
- Participate in the management of security best practices including patching, hotfixes, vulnerability management, etc.
- Audit firewall policies and internal security controls and report findings and recommendations.
- Assist in the evaluation, design and implementation new technologies.
- Responsible for the creation and maintenance of processes, procedures and documentation related to security controls and technology.
- Participate in the development of information security metrics and scorecards.
- Responsible for reviewing trouble tickets and participating in change management activities.
- Bachelor’s Degree in Computer Science or related field preferred.
- 4+ years of IT/OT security experience including system design, compliance, implementation, analysis and administration.
- Experience assisting with security assessments and gap analysis.
- Experience with pen testing and scripting desired.
- A wide base of experience in multiple security related disciplines including firewall administration, antivirus administration, IDS/IPS configuration, logging and analysis, security best practice methodologies, etc. are a plus.
- Foundational understanding of network technologies, common applications and their associated ports and protocols.
- Foundational understanding of Active Directory.
- Ability to work effectively within a team environment.
- Excellent interpersonal and communication skills with the ability to relate technical issues to non-technical management.
- Strong knowledge in IT/OT security system design, analysis, and problem solving.
- Security related professional certifications preferred, including but not limited to CISSP, GICSP, CEH, OSCP, etc.
- Experience with energy related systems and technology desired.
- Assume on call support when required.
- After hours work may be required due to outages, implementation and maintenance windows.
- Overnight travel occasionally required, <10%.
It has been and will continue to be the policy of DCP Midstream not to discriminate against any employee or applicant for employment because of their race, color, religion, national origin, age, sex, sexual orientation, gender identity, gender expression, veteran status, disability, or other legally protected status.