Experience Inc. Jobs

This job was posted by https://joblink.maine.gov : For more information, please see: https://joblink.maine.gov/jobs/1092575 The base salary range for this position is dependent upon experience and location, ranging from: \$149,000 - \$214,000

JOB SUMMARY:

Scope of Work - Main duties, settings, geography, reporting relationships, other relationships:

Direct the operational technologies, industrial control systems, governance, risk, and compliance activities across Corporate Security focused on Network electric and gas operating companies. Coordinate control systems risk management and Compliance program with Corporate and Global risk management activities. Develop an organization of 25+ internal and external resources with budgetary responsibilities of \$1M+ in Operational Expenses.

MAJOR ROLES AND RESPONSIBILITIES:

• General Management: Management position responsible for multiple layers of geographically dispersed staff. The candidate must have management, leadership, vendor negotiation and executive level presentation and communication skill abilities. (15%)

{=html} <!-- --> - Governance: Responsible to collaborate with other Avangrid stakeholders to develop a governance framework for the management of new and existing Cybersecurity programs, including policies, procedures, and metrics. Define major milestones and performance evaluation criteria for Corporate Security considering cost, schedule, and risk impacts. (15%)

{=html} <!-- --> - Risk Management: Responsible to develop, implement and direct an operational risk management program for the Corporate Security, OT Cybersecurity vertical. Establish internal controls program identifying the preventive, detective, and corrective criteria to achieve operation, strategic, compliance and reporting objectives. Coordinate and align with Avangrid Corporate and Global risk management activities. These activities would include: Compliance, Cybersecurity, Operations, Reputation, Financial, Health and Safety, risk assessments and control system audits. (25%)

{=html} <!-- --> - Cybersecurity Threats: This position is responsible to direct cybersecurity strategy within Corporate and Networks to identify and mitigate Cybersecurity threats. Lead the Cybersecurity practice across other functional areas to drive consensus for a Cybersecurity roadmap. The roadmap requires threat and vulnerability analysis, design, and engineered solutions that mitigate risk via supply chain vendor evaluation, procurement, contract management and change management impacting network and system assets. This position is responsible to maintain current working knowledge with Cybersecurity technologies through attending appropriate briefings and workshops. (15%)

{=html} <!-- --> - Compliance and Operational Processes: This position is responsible for ensuring effective operational governance across technology domains ensuring auditable compliance. Develop and maintain programs, procedures, measurements, and metrics for compliance performance and system availability. Establish a self-assessment process for the Corporate Security organization. Compliance requirements include but are not limited to: DHS, NIST, FERC, NERC, NPCC criteria, ISO, State Regulations, FTC, SEC, Executive Orders, and other internal corporate policies. (30%)

Education and Experience Minimum Requirements: (Meet at least one of the following)

• BS Technical related Degree* with 15+ yrs. Technical; and
• 7+ yrs. management experience.
• MS/MBA Technical related Degree* with 10+ yrs. technical and 5+ yrs. management experience.

* Preferred Technical related Degree in Business, Computer Science, Engineering, or other technical discipline.

Other desired preferences:

• Experience in federal cybersecurity agencies and environments is preferred.
• Experience in federal or state regulatory environments is preferred.
• Experience and extensive knowledge with the regulatory compliance (Example: NERC CIP).
• Active TS/SCI Security clearance, or the ability to obtain one.
• Control System knowledge and background.
• Knowledge of the current cybersecurity landscape from multiple industries.

Skills/Abilities:

• Ability to resolve complex problems and negotiate successful outcomes with direct and indirect organizational areas.
• Ability to build effective relationships with a diverse group of key stakeholders.
• Strong understanding of cybersecurity and other technologies as it impacts gas and electric network operations.
• Effectively communication both in writing and orally at all levels of the organization for technical and nontechnical items.
• Drives operational decision making and innovation that encourages balanced risk and judgment.
• Promotes working relationships and develops talent across teams and geographical boundaries, building synergies, efficiencies, and shared learning.

Behavioral Competency Requirements:

It is preferred that for this job, the candidate fulfills the requirements in t