**Job Description:** The Cyber Security Engineer is responsible for delivering enterprise security solutions. Key responsibilities include implementing, configuring, and maintenance of security tools, systems, and solutions for Tri-State’s Cyber Security posture. This position is also responsible for monitoring security events and logs, assessing risks and threats involving any of Tri-State’s technology vendors and partners. This position follows the cybersecurity standards set in place and will work to further protect Tri-State’s cybersecurity posture. **Note** : There is one position available, and the position will be filled at one of four job grade levels: Cyber Security Engineer I, job grade 7; Cyber Security Engineer II, job grade 8, Cyber Security Engineer III, job grade 9; or Senior Cyber Security Engineer, job grade 10. This decision will be based on the qualifications and experience of the candidate selected, and Tri-State business needs at the time of hire. **Tri-State recognizes the value of a highly engaged and committed workforce and provides an excellent benefits program that includes** : Medical Insurance, Dental Insurance, Vision Insurance Health Savings Account (HSA), Flexible Spending Accounts (FSA), Tuition Reimbursement, Flexible Work Schedules including compressed work week and telecommuting opportunities to work remotely up to 50%, Life Insurance, 401K, Long Term Disability (LTD), Short Term Disability (STD), Employee Assistant Program (EAP) and Paid Leave Benefits. **Senior Cyber Security Engineer** Hiring Salary Range: $106,000-135,000 **Cyber Security Engineer III** Hiring Salary Range: $96,000-$121,000 **Cyber Security Engineer II** Hiring Salary Range: $86,000-$108,000 **Cyber Security Engineer I** Hiring Salary Range: $77,000-$96,000 Actual compensation offer to candidate may vary outside of the posted hiring salary range based upon work experience, education, and/or skill level. **Responsibilities:** + Provision, tune, maintain, monitor, and troubleshoot network security equipment including but not limited to network firewalls, Security Information and Event Management (SIEM), intrusion detection/prevention systems, various computer network defense (CND) tools, and network access control software. + Configure, implement, and maintain identity and access management (IAM) tools including Active Directory services, single sign-on (SSO), multifactor authentication (MFA), privileged access management (PAM), and certificate services. + Identify and classify risks and vulnerabilities as applicable to Tri-State information systems and third-party vendors. + Conducts vulnerability scans or assessments using Tri-State’s vulnerability management tools or resources. + Conduct cyber security awareness activities that include phishing simulations and developing training materials. + Partner with IT operational teams to gather requirements and maintain a high level of data integrity and accuracy on an ongoing basis enabling their operations for asset management. + Partner with asset owners and leaders across the enterprise to raise awareness, build support and partnership in the improvement of cyber asset data collection management across all technologies. + Troubleshoot errors related to discovery, credentials, access, firewalls, etc. across stacks - Server, Storage, Database, and Network. + Plan, design, deploy, and manage ServiceNow Service Discovery solutions for both On-Premises and Cloud resources; manages the Service Discovery infrastructure, including schedules, credentials, mid-servers and patterns. + Identify gaps in security processes and recommend solutions in the areas of security tools, processes, and procedures. + Provide first responder forensics analysis and investigation. + Investigation and triage necessary tasks during data loss or breach events. + Drive containment strategy during data loss or breach events. + Work directly with data asset owners and business response plan owners during high severity incidents. + Provide and implement tuning recommendations based on findings during investigations or threat information reviews. + Correlate network activity across networks to identify trends of unauthorized use. + Develop a risk register to track and manage identified risks based on business impact. + Present risk assessments and mitigation plans to senior management. + Compile detailed investigation and analysis reports appropriate consumption and delivery to management. + Research emerging threats and vulnerabilities to aid in the identification of network incidents. + Provide incident response support, including malware analysis, remote system analysis, end-user interviews, and mitigating actions to contain activity and facilitating forensics analysis when necessary. + Process tickets assigned to the Cyber Security team queues. + Maintain compliance with all company policies and procedures and attain knowledge and remain knowledgeable of regulations, laws, standards, and best practices applicable to functional area. + Because Tri-State has an obligation to provide continuous, reliable electric service to its customers, the ability to work overtime at any time of the day or week is considered an essential function of the job. **OTHER DUTIES/RESPONSIBILITIES** + Perform other related duties as assigned **Qualifications:** Education and Training + Bachelor’s degree in cybersecurity, computer science, information technology, information security, information assurance, or a related field, or equivalent work experience. Experience: + At least Eight (8) or more years’ experience in cybersecurity engineering or a related field for Cyber Security Engineer Senior. + Experience with security architecture and operational support. + Experience in security technologies (firewall, antivirus, intrusion detection/prevention, security information event monitoring, vulnerability scanning, data loss prevention, encryption, PKI, Identify Access Management, Rights Management Services, etc.). + Experience in designing security/control processes, procedures and formal support documentation. + Experience in incident/forensic response planning and execution. + Experience with auditor coordination and control compliance. + Experience administering or utilizing security information and event management systems. + Experience with active threat hunting and adversary tracking. + Experience with one or more scripting languages (e.g., Python, JavaScript, Scapy). + Experience working in fast paced environments and ability manage workload even during times of stress or escalated activity. **Note** : The above requirements describe the experience and education qualifications for the Senior Cyber Security Engineer. Those with less experience will be hired at the I, II or III job grade level. Other: + Willingness to travel for investigations, meetings and training as needed. (Must possess a valid driver’s license.) + Willingness to work on-call duty as assigned. **DESIRED JOB QUALIFICATIONS** + One or more security industry certifications preferred: + Certified Information Systems Security Professional (CISSP) + Global Information Security Certification (GIAC ) + Certified Information Systems Auditor (CISA) + An MS, MBA, or related advanced degree desired. + Experience in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS). + Experience in Sarbanes-Oxley (SOX) and North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance. + Experience in designing and delivering security awareness training. **About Us:** Tri-State is a wholesale power supply cooperative, operating on a not-for-profit basis, with 44 members, including 41 utility electric distribution cooperative and public power district members in four states: Colorado, Nebraska, New Mexico and Wyoming. Together with its members, Tri-State delivers reliable, affordable and responsible power and energy services to more than a million electricity consumers across nearly 200,000 square miles of the West. Tri-State was founded in 1952 by its member systems to provide a reliable, cost-based supply of electricity. Headquartered in Westminster, Colo., approximately 1,200 people are employed by Tri-State across five states. Tri-State's electricity is generated from coal, natural gas and hydropower, with a rapidly increasing supply generated from wind and solar. Tri-State delivers power to its members through a transmission system that includes substation facilities, telecommunications sites and over 5,700 miles of high voltage transmission lines. Tri-State's transformative Responsible Energy Plan is reducing emissions, increasing renewable resources, developing new energy services and delivering more flexibility for its members. **Job Identification:** 366 **Job Category:** Cyber Security **Posting Date:** 2025-03-25T16:47:43+00:00 **Job Schedule:** Full time **Hiring Salary Range:** $77,000-$135,000 **Locations:** 1100 W 116th Ave, Westminster, CO, 80234, US All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status.