Staff Development Security Operations Engineer (Information Technology)

If you have what it takes to become part of the Vistra family and would like to start a promising career with a global leader, take a look at the exciting employment opportunities that are currently available and apply online.

Job Summary

As a member of the Vistra Cyber Security Team, the DevSecOps Engineer will work with agile teams to ensure security is considered throughout development through the implementation of automated guardrails and security test. They will assist in design and drive development of security testing and validation into automated tools and pipelines. They will serve as the technical liaison between the Enterprise Architect teams and the Engineering teams. Individuals within this role will specialize in the security disciplines related to automation of security controls, and ideally would have experience or expertise in DevOps.

Job Description

Key Accountabilities

• Provides technical support to integrate security and compliance requirements into all enterprise technology systems and projects as part of the SDLC process by working closely with various other company architects and application teams.

• Creates and maintains documentation related to security processes, procedures and infrastructure.

• Assesses current applications and architecture to determine methods for automating security testing and control validation.

• Executes plans for implementing management directives in most secure manners with automation.

• Provides security guidance and requirements to various technology teams on methods for driving security into every aspect of the established SDLC.

• Works closely with cross-functional teams as a subject matter expert for security standards and advises/contributes to development as needed.

Education, Experience, & Skill Requirements

• BS or BA degree in business or information systems related fields, with an emphasis in information technology or cyber security

• 3 - 7 years of dedicated information security experience OR 5 - 7 years of information technology administration experience 

• Experience designing/implementing security controls in AWS and/or Azure

• Experience with automating processes and/or security controls

• Familiarity with DevOps, DevSecOps, and Agile SDLC methodologies

• Proven knowledge of security concepts (CISSP, CISA, CISM, GPEN, GWAPT, GCIH, other GIAC certifications, OSCP, CEH, PCNSE, etc.) .

• Experience operating in a DevOps team and solving security related objectives through automation.

Key Metrics

• Enhances security team accomplishments and competence by planning delivery of solutions, answering technical and procedural questions for less experienced team members, teaching improved processes, mentoring team members

• Plans security systems by evaluating network and security technologies, developing network requirements for networks and related security and network devices, implements public key infrastructure configurations (PKIs), including use of certification authorities (CAs) and digital signatures

• Adheres to industry guidelines, best practices, and approved standards

• Prepares system security reports by collecting, analyzing, and summarizing data and trends.

• Automates everyday and/or repeatable tasks, including security control enforcement

• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.

This role is focused on advancing cybersecurity for critical infrastructure assets, primarily within on-premises environments supporting power generation. The ideal candidate will bring a strong foundation in computer networking, combined with scripting and data transformation skills to automate security controls, validate configurations, and drive insight through data.

 

• Solid understanding of computer networking fundamentals, including TCP/IP, routing, switching, VLANs, NAT, firewalls, and segmentation. Experience with industrial or air-gapped networks is a plus.
• Experience with security-relevant infrastructure components, such as firewalls, switches, Windows/Linux servers, and endpoint protection platforms.
• Proficiency in scripting and automation, particularly using PowerShell, JavaScript and/or Python, to automate routine tasks, enforce security controls, and validate compliance.
• Ability to work with and visualize large data sets, transforming raw security data (e.g., from vulnerability scanners, EDR, network logs) into actionable insights using tools such as Power BI, Excel, or similar.

#LI-Hybrid

#LI-ND1

Job Family

Information Technology

Company

Vistra Corporate Services Company

Locations

Irving, Texas

Texas

If you currently work for Vistra or its subsidiaries, please apply via the internal career site.

It is the policy of the Company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, genetic information, military service, protected veteran status, or any other consideration protected by federal, state or local laws.

 

If you are an individual with a disability and need assistance submitting an application or would like to request an accommodation, please email us at assistance@vistraenergy.com to make a request.