Director of Infrastructure, Information Security & Compliance

About The Position

Requirements

• Bachelor’s degree in computer science or related field required. Equivalent years of relevant experience may substitute.
• Minimum 10 years’ progressive technology leadership including “hands on” infrastructure technical development, compliance, and security activities.
• Demonstrated experience leading, managing, and developing technical teams, including accountability for performance, coaching, succession planning, and organizational effectiveness.
• Experience implementing and managing a NERC CIP Version 5 and Version 6 compliance program or other comparable regulatory or industry compliance frameworks governing IT infrastructure and information security.
• Experience leading, supporting, and responding to audits of an IT compliance program conducted by external regulatory or oversight agencies, including audit preparation, evidence management, remediation, and sustained compliance.
• Strong expertise in enterprise IT infrastructure technologies, with demonstrated hands-on experience designing, operating, and securing networking, compute, storage, virtualization, identity and access management, and endpoint platforms in complex environments.
• Demonstrated ability to think creatively and innovatively when developing technology solutions.
• Demonstrated ability to solve complex problems in ambiguous situations.
• Excellent verbal and written communication skills.
• Experience designing, integrating, and managing complex infrastructure solutions.
• Project Management knowledge and expertise.

Nice To Haves

• Professional certifications in infrastructure, cloud, cybersecurity, or IT service management such as CISSP, CISM, CCNP, Microsoft Azure, AWS, Google Cloud, ITIL 4, or equivalent advanced certifications are preferred.

Responsibilities

• Oversee the Security Operations Center (SOC) and serve as the Cooperative's NERC CIP Senior Manager, responsible for leading and managing the implementation of and continuing adherence to the requirements within the NERC CIP Standards.
• Serve as the Cooperative’s Technology Change Manager and leads the GSEC Change Advisory Board (CAB), ensuring technology changes are reviewed, approved, and implemented in a controlled and compliant manner.
• Direct IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation, and compliance routines.
• Develop and execute the enterprise infrastructure, information security, and compliance strategy aligned with Cooperative objectives, regulatory requirements, and long-term operational resilience.
• Provide strong technical leadership and subject matter expertise across enterprise IT infrastructure technologies, ensuring architecture decisions, standards, and implementations are secure, resilient, scalable, and support mission critical operations.
• Lead and provide oversight regarding audit, compliance, regulatory and risk management activities across IT functional areas. This includes leading the development and maintenance of policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate IT security and compliance related issues.
• Ensure compliance with NERC CIP Standards.
• Responsible for all network operations work, including the integration of new network technologies, ensuring hardware & network performance at acceptable levels of availability, reliability, and performance.
• Lead and manage mission critical network and infrastructure systems consistent with industry standard best practices. This extends to operations at Corporate Sites, Colocation Facilities, and Member and Plant locations.
• Responsible for development of infrastructure procedures and processes, coordination of network/data operations, business continuance and restoration plan that isolate problems and implement pre-planned alternative routes or systems to restore service, overall enterprise-wide effectiveness and efficiency of multi-state colocation data center systems and networks ensuring high levels of security and system reliability are maintained.
• Lead the evaluation and adoption of new technologies, assess system performance and reliability, and forecast financial, physical, and human resource requirements to support strategic objectives. Manage wide and local area networks to provide reliable data communications across corporate locations, generating stations, and member cooperatives including maintenance, operations and testing of all infrastructure equipment.
• Consult and partner with Member distributions to plan, design, deliver and support IT services.
• Oversee and manage the budgeting process for infrastructure and cybersecurity projects, ensuring optimal allocation of resources to support strategic objectives.
• Provide leadership and recommendations to Executive IT leadership regarding area of accountability issues and needs, prioritization of organizational resources, rates, issues, and interactions.
• Be an organizational leader to ensure team is motivated and communicated to achieve organizational-wide goals.
• Lead the Infrastructure, Information Security & Compliance teams to ensure staff is developed and successfully performing the function and positively impacting the GSEC culture.
• Responsible for communicating and advocating for Infrastructure, Information Security & Compliance issues and needs to Executive IT leadership including removing obstacles and barriers to meet the team’s needs.
• Monitor emerging technologies, industry trends, and external threats related to infrastructure, information security, and compliance, and provide subject matter expertise and recommendations to executive leadership.
• Accountable for compliance with the Golden Spread Safety Policy including all Safety Procedures and third party and Member contractual obligations.
• Other duties as assigned.