Cybersecurity Analyst (II or III)

JOB
APPLICATION MATERIALS

Applicants are required to submit a combined cover letter and resume in one PDF document. Your cover letter must summarize your education and experience as it relates to the Cybersecurity Analyst II or III role. Incomplete materials will not be considered.

To expedite the application process, combine your cover letter and resume into one PDF document before applying and upload electronically when requested in the online application process.

This position is OPEN UNTIL FILLED and applicants are encouraged to apply immediately. The first review date for application materials is scheduled for April 8.

IMPORTANT NOTE: Chelan PUD does not sponsor work visas such as H-1B, E-3, F-1, OPT, student visas, TN, or any other visas. Candidates and employees must be eligible to work in the United States without visa sponsorship. Interested parties are also invited to contact Human Resources at joblist@chelanpud.org to discuss the position.

SALARY RANGE

Cybersecurity Analyst II: The starting salary range for this position is $89,200 - $111,500 (based on qualifications). With tenure and strong performance in this role an employee may earn up to a maximum of $133,800, annualized.

Cybersecurity Analyst III: The starting salary range for this position is $103,600 - $129,500 (based on qualifications).
With tenure and strong performance in this role an employee may earn up to a maximum of $155,400, annualized.

Introductory Period: New employees holding regular positions must complete an introductory period of twelve months.

BENEFITS EPOA

In addition to competitive wages Chelan PUD employees also enjoy outstanding benefits which include zero cost employer funded medical, dental, and vision healthcare benefits, access to the employee assistance program, and a VEBA health reimbursement account.

Washington state retirement PERS participation and optional 457 plan participation with an employer matching 401(a) plan.

Leave, life & disability benefits including paid leave starting at 21 days per calendar year up to 35 with tenure, 12 paid holidays per calendar year, paid jury duty, short-term disability & long-term disability, and basic life, AD&D, and optional voluntary life.

The work life benefits include optional flexible spending accounts for healthcare and dependent care, educational assistance, various rewards and recognition programs and position specific stipends.

For more explanation of the district benefits please visit our benefits website www.mychelanpudbenefits.org.

JOB POSTING

This position will be filled at the Cybersecurity Analyst II or III level, contingent upon the experience of the selected applicant.

Cybersecurity Analyst II

Overview

The Cybersecurity Analyst II continuously monitors systems and environments—including on-premises, cloud, and endpoints—evaluates threats, responds to events, and detects potential breaches. They implement and maintain cybersecurity solutions, perform security analysis and audits, and support the identification and remediation of vulnerabilities.
The role also includes staying current on developments in the cybersecurity threat landscape, contributing to secure configuration efforts, and collaborating with cybersecurity team members and other IT staff to reduce cybersecurity risk to the District.

Responsibilities

Cybersecurity Analysis, Detection and Response: Continuously monitor network, endpoint, and cloud environments for anomalies, intrusions, breaches, and illegal or suspicious activities. Use tools such as Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Network Access Control (NAC), Intrusion Detection and Prevention Systems (IDPS), and other advanced technologies—including AI-enhanced detection and automation tools—to support effective analysis. Investigate potential violations of security procedures and document findings for communication with the Manager of Cybersecurity. Participate in incident response efforts by identifying indicators of compromise (IOCs), following documented procedures, and escalating to senior team members as needed. Analyze third-party threat intelligence and advisories from vendors and official sources, such as CISA, to identify relevant risks and share findings with cybersecurity team members and stakeholders. Use endpoint tools to verify compliance with cybersecurity baselines, standards, and policies. Provide cybersecurity input on defined technology initiatives by evaluating routine risks and recommending standard security practices under the guidance of senior cybersecurity staff.

Cybersecurity Vulnerability and Threat Mitigation: Perform regular vulnerability assessments and security analysis of technology systems and endpoints. Conduct risk assessments in alignment with established team guidelines and recommend standard mitigations based on risk level. Prepare reports showing identified risks, priorities, and remediation status, and communicate findings to system owners and appropriate stakeholders.
Use endpoint tools to verify compliance with cybersecurity baselines, standards, and policies, and ensure timely remediation when security compliance deviations are detected. Apply security patches to cybersecurity systems to mitigate vulnerabilities promptly while minimizing impact to business operations. Perform routine audits of access controls and sensitive data management practices to ensure the principle of least privilege is enforced and data is classified and encrypted appropriately.

IT Security System and Program Administration: Perform configuration changes to cybersecurity systems—such as firewalls and email gateways—using established guidelines to maintain functionality and a high level of security. Address cybersecurity cases escalated from the Service Desk, including issues related to security events, authentication, access, email filtering, and internet connectivity. Collaborate with higher-level Analysts, Engineers, or Architects to resolve more complex escalated issues. Administer Identity and Access Management (IAM) systems, including authentication services and certificate management. Create and maintain documentation on security procedures in accordance with team standards. Support the user awareness program by facilitating training, sharing information, and conducting phishing assessments to address emerging threats, AI-driven attacks, and phishing tactics. Update the Cybersecurity Team SharePoint site with relevant content, including cybersecurity training links and informational resources. Deliver regular cybersecurity communications to District employees to raise awareness of common and emerging threats and promote security-minded behavior.

Maintain regular and predictable attendance: Perform related duties and responsibilities as required. Comply with District policies. Complete all required training.
Maintain a working knowledge and comply with District safety procedures and specific safety requirements of this position, and those in accordance with applicable provisions of the Revised Code of Washington (RCW) and Washington Administrative Code (WAC).

As a secondary function, drive a motorized vehicle while conducting business on behalf of the District.

Overtime exemption

Exempt

Qualifications

Education

Bachelor's Degree (B.S., B.A.) in Computer Science or a related field is required. Equivalent experience (year for year) may substitute for required education.

Experience

2+ years of experience performing cybersecurity analysis in an enterprise environment or in a related area is required. District IT or utility operational industry experience is desired.

Licenses and Certifications

Industry-recognized cybersecurity certifications—such as GIAC Certified Enterprise Defender (GCED), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), or other similar certifications—are preferred.

Skills and Abilities

A fully skilled incumbent will have the following knowledge skills & abilities:

Technical knowledge of computer hardware, networks, security, and support
Knowledge of Networking, including wired and wireless, routing and switching, DNS, NTP, SMTP, and SNMP.
Knowledge of IT infrastructure technologies, including SANs, VMWare, Citrix, and load balancers.
Knowledge of Operating Systems commonly used in businesses such as Windows (both workstation and server OS) and Linux.
Knowledge of Enterprise Firewalls
Knowledge of Enterprise Email Gateway systems
Advanced knowledge of system analysis, customer needs assessment, and requirements gathering techniques and related documentation standards.
Knowledge of business software applications and systems in use at the District/ other utility providers.
Knowledge of District software and process design standards.
Knowledge of software suites.
Knowledge of Enterprise Security Monitoring systems
Knowledge in threat hunting and incident response
Ability to communicate logically and clearly, both orally and in writing
Active Learning — Understanding the implications of new information for both current and future problem-solving and decision-making.
Active Listening — Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
Analytical and problem-solving skills
Conceptual and critical thinking skills
Ability to constantly learn and effectively apply new technologies while maintaining prior competencies.
Troubleshooting — Determining causes of operating errors and deciding what to do about it.
Ability to document work, steps to reproduce and resolve issues, and represent all facets of an issue in a clear way.
Critical Thinking — Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
Operation and Control — Controlling operations of equipment or systems.
Ability to implement, administer, and maintain an enterprise network infrastructure.
Ability to monitor and analyze network security
Ability to perform cybersecurity threat hunting and analysis
Ability to respond to cybersecurity events and incidents
Time Management — Managing one's own time
Effective communication and interpersonal skills to maintain positive and responsive relationships with end users as well as vendors and contractors.
Ability to mentor and train lower-level employees.
Security Analysis – Analyzing security of technology systems to determine risk and then recommending mitigations
Knowledge of AI- and machine learning-based tools used in cybersecurity for detection, automation, and risk prioritization.
Knowledge of Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) platforms.
Knowledge of security considerations in hybrid and cloud-native environments (e.g., AWS, Azure, M365).
Must be proficient in reading, writing and speaking English.

Cybersecurity Analyst III

Overview

The Cybersecurity Analyst III continuously monitors enterprise systems and environments—including on-premises, cloud, and endpoints—to evaluate threats, respond to security events, and detect potential breaches. They implement and support enterprise cybersecurity solutions, stay current on developments in the cybersecurity threat landscape, and examine and investigate security data. The role includes auditing cybersecurity controls across on-premises and cloud environments, identifying vulnerabilities, and prioritizing patching based on risk—all with the goal of reducing cybersecurity risk to the District in a manner that supports business needs and reliable service delivery. They contribute to the secure design, configuration, and automation of technology systems, provide technical guidance to less experienced cybersecurity team members, and collaborate with other technology teams to promote cybersecurity best practices, including the evaluation and integration of emerging technologies.

Responsibilities

Cybersecurity Analysis, Detection and Response: Continuously monitor and investigate security anomalies, intrusions, breaches, and illegal or suspicious activities across enterprise systems and environments—including on-premises, cloud, and endpoints—using tools such as Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Network Access Control (NAC), Intrusion Detection and Prevention Systems (IDPS), and other advanced tools including AI-enhanced detection and automation. Lead initial handling of cybersecurity events and incidents by responding to attempted compromises using documented procedures.
Identify indicators of compromise (IOCs), collaborate with Cybersecurity Engineers or Architects for deeper investigations, and share findings with internal stakeholders and external entities—such as ISACs and CISA—using standard processes and templates. Prepare incident response, root cause analysis, and other cybersecurity reports in accordance with established procedures. Recommend detection logic enhancements and develop or improve automation for incident and event response workflows. Investigate violations of security procedures, counsel involved parties to prevent recurrence, and document findings for the Manager of Cybersecurity. Analyze third-party security advisories from vendors and official sources (e.g., CISA) to identify relevant threats and vulnerabilities, and share documented findings with cybersecurity team members and stakeholders to support risk mitigation. Use EDR and related tools to assess endpoint compliance with cybersecurity standards, secure configuration baselines, and policy requirements. Serve as a cybersecurity partner on cross-functional technology initiatives by evaluating risks, analyzing controls, and recommending mitigations to ensure security is integrated into planning and implementation.

Cybersecurity Vulnerability and Threat Mitigation: Oversee security patching by advising on risk-based prioritization and monitoring mitigation progress using vulnerability management tools to ensure timely application of patches and mitigations with minimal business impact. Perform regular vulnerability assessments and security analysis of technology systems and endpoints. Create reports detailing risk, priorities, and remediation status, share findings with stakeholders, and coordinate with system owners to request and track implementation of patches and other mitigations. Ensure security patches are prioritized and applied to cybersecurity systems in a timely manner to reduce risk while minimizing disruption.
Conduct regular audits of access controls and sensitive data management practices to enforce the principle of least privilege and verify that data is encrypted and classified appropriately. Contribute to the development of secure configuration baselines for critical systems.

IT Security System and Program Administration: Work with the Cybersecurity Engineer or Architect to create configuration guidelines for cybersecurity systems—such as firewalls and email gateways—to ensure optimal functionality and a high level of security. Perform configuration changes in accordance with established guidelines. Periodically audit the creation, modification, and removal of privileges to District business systems and databases following trigger events such as employee onboarding, departures, and third-party access. Respond to cybersecurity-related issues escalated from the Service Desk, including security events, authentication or access issues, email filtering, internet access, and permissions. Mentor lower-level Analysts in resolving complex cases and escalate to Engineers or Architects when appropriate. Maintain secure and reliable Identity and Access Management (IAM) processes and administer authentication systems, including certificate management. Create and update cybersecurity procedure documentation to ensure accuracy and alignment with current practices. Administer the user cybersecurity awareness program—including quarterly training, phishing assessments, and regular employee communications—and, in partnership with the Manager of Cybersecurity, help lead quarterly awareness campaigns and curate timely content on emerging threats, AI-driven attacks, and phishing tactics.
Ensure the Cybersecurity Team SharePoint site is regularly updated with relevant content, including cybersecurity training links and informational articles.

Knowledge Sharing and Mentoring: Provide technical expertise and mentorship to less experienced cybersecurity team members in areas such as threat detection, vulnerability analysis, and secure system implementation. Assist with onboarding new staff and contribute to the refinement of standard operating procedures (SOPs). Serve as escalation support and backup for senior cybersecurity personnel when needed. Share cybersecurity knowledge and best practices with other technology teams to support secure development, implementation, and improvement efforts on prioritized initiatives.

Maintain regular and predictable attendance: Perform related duties and responsibilities as required. Comply with District policies. Complete all required training. Maintain a working knowledge and comply with District safety procedures and specific safety requirements of this position, and those in accordance with applicable provisions of the Revised Code of Washington (RCW) and Washington Administrative Code (WAC).

As a secondary function, drive a motorized vehicle while conducting business on behalf of the District.

Overtime exemption

Exempt

Qualifications

Education

Bachelor's Degree (B.S., B.A.) in Computer Science or a related field is required. Equivalent experience (year for year) may substitute for required education.

Experience

5+ years of experience performing cybersecurity analysis in an enterprise environment, or in a related area, is required. District IT or utility operational industry experience is desired.

Licenses and Certifications

Industry-recognized cybersecurity certifications—such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), GIAC Security Essentials (GSEC), or other related certifications—are preferred.
Skills and Abilities

A fully skilled incumbent will have the following knowledge skills & abilities:

Technical knowledge of computer hardware, networks, security, and support
Knowledge of Networking, including wired and wireless, routing and switching, DNS, NTP, SMTP, and SNMP.
Knowledge of IT infrastructure technologies, including SANs, VMWare, Citrix, and load balancers.
Knowledge of Operating Systems commonly used in businesses such as Windows (both workstation and server OS) and Linux.
Knowledge of Enterprise Firewalls
Knowledge of Enterprise Email Gateway systems
Advanced knowledge of system analysis, customer needs assessment, and requirements gathering techniques and related documentation standards.
Knowledge of business software applications and systems in use at the District/ other utility providers.
Knowledge of District software and process design standards.
Knowledge of software suites.
Knowledge of Enterprise Security Monitoring systems
In-depth knowledge of major software applications and systems in use at the District or other utility providers, and how to apply the software to business processes
Knowledge of utility operations best practices
Well-developed knowledge of vulnerability and patch management
Well-developed knowledge of advanced threat hunting and responding to cybersecurity incidents
Ability to communicate logically and clearly, both orally and in writing
Active Learning — Understanding the implications of new information for both current and future problem-solving and decision-making.
Active Listening — Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
Analytical and problem-solving skills
Conceptual and critical thinking skills
Ability to constantly learn and effectively apply new technologies while maintaining prior competencies.
Troubleshooting — Determining causes of operating errors and deciding what to do about it.
Ability to document work, steps to reproduce and resolve issues, and represent all facets of an issue in a clear way.
Critical Thinking — Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
Operation and Control — Controlling operations of equipment or systems.
Ability to implement, administer, and maintain an enterprise network infrastructure.
Ability to monitor and analyze network security
Ability to perform cybersecurity threat hunting and analysis
Ability to respond to cybersecurity events and incidents
Time Management — Managing one's own time
Effective communication and interpersonal skills to maintain positive and responsive relationships with end users as well as vendors and contractors.
Ability to mentor and train lower-level employees.
Ability to monitor and analyze IT System security, including troubleshooting and developing and implementing solutions to resolve security issues.
Complex Problem Solving — Identifying complex problems and reviewing related information to develop and evaluate options and implement solutions.
Coordination — Adjusting actions in relation to others' actions.
Knowledge of security considerations in hybrid and cloud-native environments (e.g., AWS, Azure, M365).
Understanding of Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) platforms.
Understanding of AI- and machine learning-based tools used in cybersecurity for detection, automation, and risk prioritization.
Security Analysis – Analyzing security of technology systems to determine risk and then recommending mitigations
Must be proficient in reading, writing and speaking English.
BACKGROUND SCREENING

Pursuant to the North American Electric Reliability Corporation (NERC) standards, Chelan County Public Utility District #1 conducts background screening of personnel who have access to the District's critical physical and/or cyber assets.

DISCLAIMER

The statements contained herein reflect general details as necessary to describe the principal functions for this job, the level of knowledge and skill typically required, and the scope of responsibility. This should not be considered an all-inclusive listing of work requirements. Individuals may perform other duties as assigned, including work in other functional areas to cover absences or relief, to equalize peak work periods or otherwise to balance the workload.

As part of its recruiting process, Chelan PUD may engage a third-party vendor to perform previous employment verification, education verification, and reference checking.

EEO

Chelan PUD is an Equal Employment Opportunity employer. We value diversity at all levels of the organization. All qualified applicants will receive consideration for employment without regard to any protected classifications as defined by law.

EEO Law Posters can be found on the main Careers page in English and Spanish. Chelan PUD will not be offering any work visa sponsorship for this role.

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.
However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-I.35(c)
