Director- Cyber Assurance & Compliance
Company: AVANGRID , Inc.
Location: Rochester
Posted on: May 4, 2024
|
|
Job Description:
The base salary range for this position is dependent upon
experience and location, ranging from: $149,000 - $205,000
JOB SUMMARY:
Scope of Work - Main duties, settings, geography, reporting
relationships, other relationships:
Direct the operational technologies, industrial control systems,
governance, risk, and compliance activities across Corporate
Security focused on Network electric and gas operating companies.
Coordinate control systems risk management and Compliance program
with Corporate and Global risk management activities. Develop an
organization of 25+ internal and external resources with budgetary
responsibilities of $1M+ in Operational Expenses.
MAJOR ROLES AND RESPONSIBILITIES (Scope of work - range of
responsibilities):
General Management: Management position responsible for multiple
layers of geographically dispersed staff. The candidate must have
management, leadership, vendor negotiation and executive level
presentation and communication skill abilities. (15%)
Governance: Responsible to collaborate with other Avangrid
stakeholders to develop a governance framework for the management
of new and existing Cybersecurity programs, including policies,
procedures, and metrics. Define major milestones and performance
evaluation criteria for Corporate Security considering cost,
schedule, and risk impacts. (15%)
Risk Management: Responsible to develop, implement and direct an
operational risk management program for the Corporate Security, OT
Cybersecurity vertical. Establish internal controls program
identifying the preventive, detective, and corrective criteria to
achieve operation, strategic, compliance and reporting objectives.
Coordinate and align with Avangrid Corporate and Global risk
management activities. These activities would include: Compliance,
Cybersecurity, Operations, Reputation, Financial, Health and
Safety, risk assessments and control system audits. (25%)
Cybersecurity Threats: This position is responsible to direct
cybersecurity strategy within Corporate and Networks to identify
and mitigate Cybersecurity threats. Lead the Cybersecurity practice
across other functional areas to drive consensus for a
Cybersecurity roadmap. The roadmap requires threat and
vulnerability analysis, design, and engineered solutions that
mitigate risk via supply chain vendor evaluation, procurement,
contract management and change management impacting network and
system assets. This position is responsible to maintain current
working knowledge with Cybersecurity technologies through attending
appropriate briefings and workshops. (15%)
Compliance and Operational Processes: This position is responsible
for ensuring effective operational governance across technology
domains ensuring auditable compliance. Develop and maintain
programs, procedures, measurements, and metrics for compliance
performance and system availability. Establish a self-assessment
process for the Corporate Security organization. Compliance
requirements include but are not limited to: DHS, NIST, FERC, NERC,
NPCC criteria, ISO, State Regulations, FTC, SEC, Executive Orders,
and other internal corporate policies. (30%)
Education and Experience Minimum Requirements: Meet at least one of
the following:
BS Technical related Degree* with 15+ yrs. technical and 7+ yrs.
management experience.
MS/MBA Technical related Degree* with 10+ yrs. technical and 5+
yrs. management experience.
* Preferred Technical related Degree in Business, Computer Science,
Engineering, or other technical discipline.
Other desired preferences:
Experience in federal cybersecurity agencies and environments is
preferred.
Experience in federal or state regulatory environments is
preferred.
Experience and extensive knowledge with the regulatory compliance
(Example: NERC CIP).
Active TS/SCI Security clearance, or the ability to obtain one.
Control System knowledge and background.
Knowledge of the current cybersecurity landscape from multiple
industries.
Skills/Abilities:
Ability to resolve complex problems and negotiate successful
outcomes with direct and indirect organizational areas.
Ability to build effective relationships with a diverse group of
key stakeholders.
Strong understanding of cybersecurity and other technologies as it
impacts gas and electric network operations.
Effectively communication both in writing and orally at all levels
of the organization for technical and nontechnical items.
Drives operational decision making and innovation that encourages
balanced risk and judgment.
Promotes working relationships and develops talent across teams and
geographical boundaries, building synergies, efficiencies and
shared learning.
Behavioral Competency Requirements:
It is preferred that for this job, the candidate fulfills the
requirements in terms of levels indicated below.
1. Delivering for the Business:
Global view of the Business (Advanced)
Achieving Results and Continuous Improvements (Advanced)
Initiative (Advanced)
Innovation & Creativity (Advanced)
2. Global Relationships:
Flexibility & Globalization (Advanced)
Customer Focus (Advanced)
Communicating & Influencing (Advanced)
Teamwork (Advanced)
3. Managing People:
Team Management (Advanced)
Developing Others (Advanced)
Avangrid employees may be assigned a system emergency role and in
the event of a system emergency, may be required to work outside of
their regular schedule/job duties.
#LI-Hybrid
#LI-JM1
Mobility Information
Please note that any applicant who is not a citizen of the country
of the vacancy will be subject to compliance with the applicable
immigration requirements to legally work in that country
AVANGRID's employment practices and policies are geared to hiring a
diverse workforce and sustaining an inclusive culture. At AVANGRID
we provide fair and equal employment and advancement opportunities
for all employees and candidates regardless of race, color,
religion, national origin, gender, sexual orientation, age, marital
status, disability, protected veteran status or any other status
protected by federal, state, or local law.
If you are an individual with a disability or a disabled veteran
who is unable to use our online tool to search for or to apply for
jobs, you may request a reasonable accommodation by contacting our
People and Organization department at careers@avangrid.com
Job Posting End Date:
Minimum Salary: 149000.00 Maximum Salary: 205000.00 Salary Unit:
Yearly
Keywords: AVANGRID , Inc., Irondequoit , Director- Cyber Assurance & Compliance, Executive , Rochester, New York
Click
here to apply!
|