Manager - Cyber Operations

About The Position

Requirements

• Master’s Degree in Engineering, Computer Science, or technical related degree with a minimum of 4+ years’ experience in IT/OT, NERC/CIP and/or Cybersecurity; or Bachelor’s Degree in Engineering, Computer Science, or technical related degree with a minimum of 6-8 years’ experience in IT/OT, NERC/CIP and/or Cybersecurity
• Associate Degree in Engineering, Computer Science, or technical related degree with a minimum of 8+ years’ experience in IT/OT, NERC/CIP and/or Cybersecurity
• No Degree minimum of 15+ years’ experience in IT/OT, NERC/CIP and/or Cybersecurity
• Experience with key security process and procedures (system hardening, patch management, vulnerability management, supplier management)
• Supervisory / Manager experience over staff, projects, or contractors
• 2 + Years Data Center and OT Infrastructure Experience
• Strong understanding of applicable NERC/CIP Standards
• Strong communication written and verbal skills related to cybersecurity technology
• Strong system engineering and advanced networking
• Strong understanding of current and future state of cyberspace
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders
• An ability to effectively influence others to modify their opinions, plans, or behaviors
• Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business
• An ability to work extremely well under pressure while maintaining a professional image and approach
• Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to lead projects

Nice To Haves

• 5+ years in Business Decision Support including Cybersecurity Operations and Performance/Metrics reporting.
• Experience with Access Controls systems and solutions (SSO, AD, TACACS, MFA, cloud based)
• Experience with a variety of information and network security infrastructure and tools (IDS/IPS, firewall, WAF, configuration management)
• Ability to obtain security clearance at secret level
• Knowledge of federal government cybersecurity activities and practices
• Experience in federal or state regulatory environments
• Experience in federal cybersecurity agencies and environments
• Experience in a utility environment
• Certified Information Systems Security Professional (CISSP)
• Experience with NERC-CIP
• Experience in a utility environment.

Responsibilities

• Provides direct leadership and support across the Avangrid Networks business to support NERC operations and Protection Systems.
• Contributes to the design, implementation, operation, and evolution solutions and strategies for Avangrid Networks Operational Technologies operating companies progress for Grid Digitalization.
• Responsible for managing day to day aspects of Operational Smart Grids NERC operations and Protection Systems Applications.
• Ensures security services and solutions are operated in compliance with industry best practices as well as applicable privacy and legal/regulatory requirements including GDPR, SOX, CEII, and NERC.
• Follow applicable federal agency guidance on security operations practices relevant to Grid Modernization and assess impact on AVANGRID Networks business model.
• Ensures that security services and solutions are well defined, highly available, repeatable, and are constantly measured for key performance, key risk, and key operational level metrics.
• Develops reports, dashboards, and metrics for cyber operations and presents to OSG Management.
• Enhances NERC operations team with advanced techniques and technologies such as automation of manual related efforts.
• Leads, develops, and maintains Operations Security policies, rules standards, and guidelines.
• Oversees employees that are completing cyber vulnerability assessments, SPR’s, OT NOW and IT NOW workflows that ensure NERC/CIP.
• Oversees employees managing Protection Systems applications to ensure the safety of the Operational Smart Grids IT and OT systems.
• Ensures that network infrastructure such as firewalls, routers, and switches are implemented and operated in compliance with documented policies and procedures.
• Ensures that system security controls such as system hardening, vulnerability/patch management, account management, system baselines, change control, and mobile/transient devices are implemented and operated in compliance with documented policies and procedures.
• Understanding of data analytics and associated technologies.
• Ability to define, manage and lead our data initiatives to blend our cybersecurity data into a date lake that can produce useful insights and reports.
• Improves current vulnerability management workstream while managing internal/external relationships, communicating to impacted areas, creating/maintaining dashboards and automating/coordinating deployments.

Benefits

• Competitive benefits and growth opportunities
• Generous performance‑based bonuses
• 12% 401(k) match
• Comprehensive health, dental, and vision insurance
• Tuition reimbursement
• Professional development and clear career‑advancement pathways