Cyber & Info Security Analyst (Sr and Staff levels)

Job description

The South Texas Project Electric Generating Station is one of the newest and largest nuclear power facilities in the nation.

STP's two units produce 2,700 megawatts of carbon-free electricity - providing clean energy to two million Texas homes.

Through our uncompromising commitment to nuclear safety and continuous focus on improving plant operations, STP has emerged as an industry leader.

Our 1,200 employees maintain an ongoing commitment to the safe and reliable operation of the facility.

The company's culture and core values focus on safety, integrity, teamwork and excellence.

SUMMARY
Responsible for technical advisement for Cyber Security requirements for the protection of all information processed, stored, or transmitted by STP computer systems.

Directs the development and delivery of a comprehensive cyber security program and compliance functions as regulated by NRC, Electric Reliability Council of Texas (ERCOT), and Sarbanes-Oxley.

Oversees the development of standards, policies, procedures, and guidelines which provide guidance and control of cyber security.

Cyber & Info Security Analyst Sr

EDUCATION

• Bachelor degree in Engineering, Computer Science, or Information Systems.

(Preferred)
• Without the above degree, 5 years’ experience in information technology, hardware/software maintenance, configurations and cyber security and risk management.

EXPERIENCE
• 5 Years’ experience in cyber security administration and risk management.

(Required)


LICENSE/CERTIFICATIONS
• CompTIA Security+, CompTIA CySA+, Certification in firewall Management (e.g., CCNA Security, PCNSE, NSE or equivalent), SOC Analyst Certification (e.g., EC-CSA, GIAC GCDA or equivalent).

(Preferred)

ESSENTIAL RESPONSIBILITIES
CYBER SECURITY TECHNICAL ASSISTANCE:
Provides technical assistance and support to customers.
• Provides cyber security technical and operational guidance for the station to assure new business functionalities have the proper security controls and objectives identified, implemented, verified, and tested.

CYBER SECURITY PROCESS DEVELOPMENT - SENIOR:
Develops standards, policies, procedures, and guidelines which provide guidance and control of cyber security.
• Identifies, evaluates, conducts, schedules, and leads cyber security functions to ensure all applicable cyber security requirements are met.

Reviews, recommends, implements, and maintains all security technology products within the security domain.
• Monitors and evaluates vulnerability information from various sources, security trends, best practices and effectively articulates mitigation guidance.
• Develops and implements Disaster Recovery (DR) strategies for Critical Digital Assets.

Conducts cyber security investigations.
• Reviews hardware and software audits for compliance with established regulation, standards, policies, and procedures.
• Designs and deploys enterprise cyber security monitoring, detection, and incident response systems.

CYBER SECURITY - SENIOR:
Architects, designs, evaluates, and integrates information security infrastructure solutions.

Plans, coordinates, and conducts detailed inquiries, assesses potential damage, and develops and implements corrective action plans.
• Provides analysis and/or reverse engineering of suspect source code including Trojans, Virus, back doors, and other known and previously unknown Malware.
• Monitors Cyber Security systems as assigned.
• Installs, configures, operates, and maintains cyber security equipment and log sources and logging technologies.

Cyber & Info Security Analyst Staff

EDUCATION
• Bachelor degree in Engineering, Computer Science, or Information Systems.

(Preferred)
• Without the above degree, 5 years’ experience in information technology, hardware/software maintenance, configurations and cyber security and risk management.

EXPERIENCE
• 8 Years experience in cyber security administration and risk management.

(Required)

LICENSE/CERTIFICATIONS
• Certified Information Systems Security Professional (Preferred)
• Microsoft Certified Solutions Expert (Preferred)
• Cisco Certified Network Professional (Preferred)
• Certified Ethical Hacker (Preferred)
• CompTIA Security+, CompTIA CySA+, Certification in firewall Management (e.g., CCNA Security, PCNSE, NSE or equivalent), SOC Analyst Certification (e.g., EC-CSA, GIAC GCDA or equivalent).

(Preferred)

ESSENTIAL RESPONSIBILITIES
CYBER SECURITY TECHNICAL ASSISTANCE:
Provides technical assistance and support to customers.
• Provides cyber security technical and operational guidance for the station to assure new business functionalities have the proper security controls and objectives identified, implemented, verified, and tested.

CYBER SECURITY PROCESS DEVELOPMENT - STAFF:
Directs standards, policies, procedures, and guidelines which provide guidance and control of cyber security.
• Identifies, evaluates, conducts, schedules, and leads cyber security functions to ensure all applicable cyber security requirements are met.

Reviews, recommends, implements, and maintains all security technology products within the security domain.
• Monitors and evaluates vulnerability information from various sources, security trends, best practices and effectively articulates mitigation guidance.
• Develops and implements Disaster Recovery (DR) strategies for Critical Digital Assets.

Conducts cyber security investigations.
• Reviews hardware and software audits for compliance with established regulation, standards, policies, and procedures.
• Designs and deploys enterprise cyber security monitoring, detection, and incident response systems.
• Responsible for the cyber security implications surrounding the overall architecture of plant networks, operating systems, hardware platforms, plant- specific applications, and the services and protocols upon which those applications rely.

CYBER SECURITY - STAFF:
Architects, designs, evaluates, and integrates information security infrastructure solutions.

Plans, coordinates, and conducts detailed inquiries, assesses potential damage, and develops and implements corrective action plans.
• Provides analysis and/or reverse engineering of suspect source code including Trojans, Virus, back doors, and other known and previously unknown Malware.
• Monitors Cyber Security systems as assigned.

Develops, leads, and administers security risk assessments and threat modeling.
• Installs, configures, operates, and maintains cyber security equipment and log sources and logging technologies.
• Approves proposed cyber security configuration modifications.
• Develops and delivers communications to senior management regarding strategic cyber security risks and threats.
• Oversees and responsible for mitigation response to cyber security audits, network scans, and penetration tests against Critical Digital Assets.


• Oversees and responsible for cyber security investigations involving the compromise of Critical Digital Assets.

SPECIAL SKILLS, KNOWLEDGE AND QUALIFICATIONS – All levels
• Excellent analytical skills and understanding in both problem-solving and research and ability to interpret and report findings.
• Strong technical documentation skills.
• Ability to maintain a strong customer focus and ensure an effective flow of communication.
• Ability to work effectively with team/others and share knowledge to ensure team success.

OTHER RESPONSIBILITIES – All levels
• Accept ERO position as needed.
• Accept outage position as needed.
• Ability to obtain and maintain unescorted access if needed.
• Successfully complete General Employee Training (GET) as required for position.

WORKING CONDITIONS – All levels
• Subject to callouts twenty-four hours per day seven days per week.
• Normal office environment
• Overtime and alternate work schedules as needed.
• Travel may be required.

WORK LOCATION – All levels
• Due to the nature of the work, this position provides the ability for a hybrid work schedule between Site and an alternate work location.

Alternate work locations require adequate technology and that a solid ergonomic setup is present.

Note: Work schedules are contingent on business need.


Posting closes - October 29, 2025



STP is an equal employment and affirmative action employer and is committed to nondiscrimination in all matters relating to employment throughout the organization.

STP will make every good faith effort to meet or exceed its affirmative action goals and commitments.

We thank all individuals for their interest; however, only those chosen for an interview will be contacted.

NOTE: In order to be considered for this position you must complete the entire application process, which includes answering all prescreening questions and providing your eSignature on or before the requisition closing date.


Job Details

Pay Type Salary

Required Skill Profession

Other General