Sr. Manager - IT Security

About The Position

Requirements

• Bachelor’s degree in computer science, cybersecurity, information systems, engineering, or a related field and a minimum of ten (10) years of relevant experience. An equivalent combination of education and experience may be considered.
• Demonstrated leadership across enterprise network security and infrastructure security capabilities in a large-scale, complex environment, including enterprise firewall, SD-WAN, WAF, IDS/IPS, segmentation, secure connectivity (VPN/NAT), cloud network security, identity and access management (IAM), privileged access management (PAM), endpoint security, vulnerability management, network detection and response (NDR), and security tooling operations.
• Strong understanding of firewall policy lifecycle management, rule review and optimization, segmentation strategy, VPN/NAT governance, high availability, logging, monitoring, change validation, and audit evidence requirements.
• Experience leading enterprise security platforms and vendors such as Fortinet, Palo Alto, Check Point, Cisco, Akamai WAF, Zscaler, CyberArk, ExtraHop, or equivalent enterprise technologies.
• Ability to establish governance, engineering standards, and operating rhythms that improve security outcomes, service reliability, and delivery predictability.
• Experience defining and managing operational metrics, including KPIs and SLAs; leading service reviews; maintaining operational dashboards; and producing executive reporting, risk summaries, roadmap updates, and decision materials.
• Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines.
• Ability to communicate with and influence technical and non-technical customers, colleagues, and vendors.
• Ability to share knowledge and mentor and manage less experienced team members.
• Strong commitment to personnel safety and IT security.
• Travel within the US and to Europe may be required, as needed.

Nice To Haves

• Master’s degree in IT, Cybersecurity, Engineering, Business Administration, or related field.
• Experience with Fortinet technologies such as FortiGate, FortiManager, FortiAnalyzer, and Secure SD-WAN, or equivalent firewall and SD-WAN platforms.
• Experience with enterprise firewall platforms such as Fortinet, Palo Alto, Check Point, Cisco, or equivalent enterprise technologies.
• Experience with WAF and edge security platforms such as Akamai WAF, or equivalent enterprise technologies.
• Experience with proxy or secure web gateway platforms such as Zscaler, or equivalent enterprise technologies.
• Experience with privileged access management or identity security platforms such as CyberArk, or equivalent enterprise technologies.
• Experience with network detection and response platforms such as ExtraHop, or equivalent enterprise technologies.
• Relevant certifications in network security, firewall, SD-WAN, cybersecurity, infrastructure security, identity security, or IT service management.

Responsibilities

• Leads and integrates Network Security and Infrastructure Security capabilities, establishing a cohesive operating model, clear ownership, and measurable outcomes for protection of enterprise connectivity and IT platforms.
• Defines the technology strategy, target-state architecture, and multi-year roadmaps for network security and enterprise infrastructure security services, aligned to Avangrid standards, business priorities, and the enterprise risk posture.
• Establishes lifecycle management programs to ensure security technologies are correctly deployed, maintained, patched, and modernized; manages roadmaps aligned to enterprise strategy, technology evolution, and continuous transformation.
• Provides leadership over current and future enterprise security technologies and services, including platforms such as Fortinet, Palo Alto, Check Point, Cisco, WAF and edge security platforms such as Akamai WAF, secure web gateway/proxy platforms such as Zscaler, privileged access platforms such as CyberArk, network detection and response platforms such as ExtraHop, or equivalent enterprise technologies.
• Defines and governs engineering standards, reference architectures, and technology guardrails for network security controls (e.g., perimeter, segmentation, IDS/IPS, and cloud network security) and infrastructure security platforms (e.g., identity and access management, privileged access, endpoint security, vulnerability management, and security tooling operations).
• Champions security-by-design by embedding security requirements into architecture, engineering standards, configuration baselines, and operational processes.
• Provides security leadership and architectural governance for cloud network and infrastructure security capabilities, in partnership with Cloud and Platform teams.
• Leads hardening management by selecting applicable standards and reference guides, defining configuration baselines, prioritizing controls, and establishing maturity levels for secure infrastructure and network security profiles.
• Drives modernization and standardization of enterprise firewall and SD-WAN services, including policy governance, rule base optimization, segmentation alignment, VPN/NAT standards, high availability, logging, monitoring, change validation, and operational readiness.
• Defines segmentation and secure connectivity patterns (e.g., site-to-site connectivity, remote access, cloud connectivity, and third-party connectivity) that reduce exposure, support resiliency, and enable business outcomes.
• Partners with architecture and engineering stakeholders to ensure consistent implementation of perimeter, internal segmentation, and edge security controls across enterprise and cloud environments.
• Delivers high levels of operational security, resiliency, and reliability for network and infrastructure security services; defines operational programs and identifies opportunities for improving operational efficiency and reliability as demanded by Avangrid corporate applications.
• Manages operational security performance, including service reliability, incident response partnership, threat containment support, vulnerability remediation execution, and continuous improvement of controls and monitoring.
• Ensures resiliency and availability of security services through capacity planning, high-availability design principles, disciplined change management, and operational readiness practices.
• Leads regulated-utility security alignment activities, including audit support, risk assessments, policy adherence, evidence collection, and remediation planning in partnership with compliance and control owners.
• Reduces operational bottlenecks by improving intake, design review, implementation standards, escalation models, documentation, and automation opportunities to strengthen L3 engineering support.
• Partners with Cybersecurity, Corporate Security, Risk, Infrastructure, Cloud, and Network Engineering teams to align priorities, manage shared dependencies, and drive enterprise security outcomes.
• Manages vendor relationships and service delivery expectations, including operational KPIs/SLAs, contract performance, service reviews, and financial stewardship for assigned programs and platforms.
• Provides leadership for managers, technical leads, and individual contributors: sets objectives, manages performance, develops skills and career paths, executes workforce planning, and builds an inclusive, high-performing culture.
• Builds team capability through mentoring, coaching, hiring, and succession planning to support an evolving security and network technology landscape.

Benefits

• Competitive benefits and growth opportunities
• Generous performance‑based bonuses
• 12% 401(k) match
• Comprehensive health, dental, and vision insurance
• Tuition reimbursement
• Professional development and clear career‑advancement pathways