Sr Engineer, Cybersecurity

Company Overview We are committed to understanding the needs of the homes and businesses we serve. That's why we're always looking for driven, collaborative people to join our team. Because we believe that offering our customers the best service means bringing together the best people. And we find the best by hiring those who share our values of safety, inclusion and integrity, and demonstrate the competencies that bring the Spire vision, mission and culture to life: •

Adaptability:

We embrace change, continuously seeking opportunities for improvement while remaining open-minded and flexible in response to evolving conditions and customer, stakeholder and company needs. •

Collaboration:

We achieve more together through a foundation of respect, embracing healthy conflict, actively seeking and providing actionable feedback and fostering an environment where everyone's input is welcomed.

Ownership:

We see things through, demonstrate accountability, honor commitments, take responsibility for outcomes and demonstrate initiative. By living our values and competencies, we strive to create an environment where employees feel welcome, respected, and valued.

Summary Spire is seeking a Cybersecurity Engineer, Sr. This position will be responsible for protecting the confidentiality and integrity of customer, employee and business information in compliance with organization policies and standards while participating directly in the planning, development, implementation and expansion of security technologies throughout the company. The selected candidate must effectively drive IT security actions with the team across the organization, perform cyber security threat impact assessments and prepare assessment reports, and analyze cyber security discovery information; to include determining requirements and remediations while coordinating with various vendors and business stakeholders.

Duties and Responsibilities Participate in regular status meetings Ensure events are properly documented for network security and cybersecurity stakeholders Responsible for providing analysis and documentation of IT risk processes Conducts pre-production testing and reviews of proposed security changes Oversees identification and reporting of potential impacts of problems Conducts testing and reviews of security changes to ensure compliance with IT Security controls Work with vendors to perform assessments, understand security functionality and implementation Stays current on common and emerging security standards and frameworks Apply advance security knowledge working in the following areas:

CISCO ASA

Firewall/Palo Alto Firewalls Windows/Linux/Oracle OS Security Best Practices

SIEM, O365

Suite, Antivirus Tools, Email Security, Scripting skills, 3rd Party Vendor Assessments Monitoring, Incident Response, Threat Intelligence, Pen Testing, Vulnerability Assessments, Technology evaluation All other duties as assigned or requested Essential Characteristics Ability to demonstrate and master the core and job category competencies Ability to lead by example in support of the Company's essential characteristics and values Ability to work under pressure, respond to incidents, and meet deadlines in a fast-paced environment Strong interpersonal skills with proven ability to establish rapport with a diverse array of people Ability to communicate technical concepts clearly to both technical and non-technical stakeholders Required Education (certifications, licenses) A Bachelor's degree in Information Technology, Computer Science, Engineering, and/or equivalent experience in

Information Systems Certificates, Licenses, Registrations:

Security+, CISSP, CCNA or equivalent certification/degree.

Required knowledge, skill and abilities Experience with SIEM tools, O365 security, endpoint protection, and email security control (required) Five years of experience in the Cybersecurity function (required) Advanced knowledge of cybersecurity frameworks (NIST, ISO, CIS) and enterprise security architecture Strong analytical capabilities, demonstrated knowledge and understanding of security technologies Solid understanding of security best practices General understanding of Information Technology, such as TCP/IP fundamentals, Web protocols (HTTPS), modifying system parameters, understanding network security, risk and threat prevention Strong expertise in network and system security (enterprise firewall platforms and enterprise operating systems) Solid understanding of vulnerability management, penetration testing, threat intelligence, and incident response Proven ability to analyze cyber risks, conduct impact assessments, and produce clear documentation/reporting Skill in evaluating, testing, and implementing security technologies and controls Proficiency in scripting (PowerShell, Python, Bash) for automation and security operations Experience performing third-party/vendor security assessments and coordinating remediation efforts Ability to lead cybersecurity initiatives and drive cross-functional collaboration Strong analytical, problem-solving, and organizational skills with ability to manage multiple priorities Physical demands, environment and schedule Hybrid Work Environment Some travel maybe required Posting Requirements Spire accepts online applications through our career site at jobs.spireenergy.com Posting requirements: The above posting description is intended to describe the general nature of the level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. To perform this job successfully, an individual must be able to perform each duty and responsibility satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Spire, Inc., and its subsidiaries are Affirmative Action and Equal Employment Opportunity employer. We are committed to providing equal employment opportunity in all areas, including but not necessarily limited to, recruitment, selection, training, education, compensation, benefits, promotion, job transfer, upgrading, separation and recall regardless of the individual's race, color, sex, age, religion, national origin, genetics, sexual orientation, gender identity, disability, veteran status, and/or other protected categories under all Federal, State, and local laws. For more information, please view our Integrity and Inclusion pages of our career site.