PREFERENCES
Incident response experience, security engineering and architecture experience
JOB DESCRIPTION
Salary Grade: G05
Minimum: $86,016 - Midpoint: $116,120 - Maximum: $146,226
This position is covered by NERC CIP cyber security standards. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check. Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required.
SUMMARY:
Under general supervision, plans, coordinates, and implements security measures to safeguard information in computer files against accidental or unauthorized modification, destruction, or disclosure.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
•Develops and maintains an effective Vulnerability Management program through vulnerability review, planning, tracking, reporting, and coordination with other technical and administrative staff in all departments
•Develops, implements, maintains, and enforces information protection, information security, corporate policies, standards, and practices throughout the company
•Develops and provides recommendations to management for overall information protection architecture and program for the Company
•Develops, implements, supports and maintains employee training and awareness programs for information protection and security
•Partners with the Information Services Review Board and PNM Audit Services personnel to ensure information protection issues for corporate data, systems, networks, and other information assets are addressed to the satisfaction of all entities
•Develops effective working relationships with mid- and senior-level management of the various business units throughout the company to obtain support and acceptance of security policies and practices, and develop support for policy enforcement
•Manages the Information Security (IS) staff and functions in Information Services, assuring effective administration of security activities
•Manages and reports regularly on all IS projects and activities
•Works closely with Security Administrators and Technical staff for various systems and networks to ensure that adequate preventive and detection controls are in place
•Provides coordination and guidance to any decentralized or application security administration functions
•Assists in contingency planning and testing on a regular basis to ensure company information assets are recoverable and protected
•Manages the IS work involved in all internal and external security-related audits involving systems, networks, and data
•Participates with internal departments in risk assessment activities and new software development projects to ensure data security
•Accesses control and business recovery procedures inherent in all new information technology implementations
•Provides appropriate security metrics to senior management and other departments using available security tools and services
COMPETENCIES:
•In-depth management, negotiation, technical skills, and demonstrated leadership and customer service skills
•Understanding of and ability to relate business requirements and risks to technology implementation for security related issues
•Excellent skills in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology
•Knowledge of forensics, incident analysis, and incident response management
•Demonstrated skills in personnel management, budget management, and conflict management
•Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions
•Ability to organize, create, and deliver technical proposals and presentations to peers and management
•Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to keep the Company in compliance and reduce legal liabilities
•Project Management knowledge and experience a strong plus
QUALIFICATIONS
MINIMUM EDUCATION AND/OR EXPERIENCE:
Bachelor's degree from four-year college or university in Information Resource Management, Business Computer Systems, Computer Science or Computer Security with five to seven years related experience, or equivalent combination of education and/or experience related to the discipline.
CERTIFICATES, LICENSES, REGISTRATIONS:
Certification in security or systems control related field: i.e., CISSP, CISA, or CISM.
SUPERVISORY RESPONSIBILITIES:
Leads teams consisting of members with direct or indirect reporting relationships to ensure adherence to appropriate security measures. Coordinates and works closely with all departmental leaders throughout the Company to ensure policies and standards are followed. May not be directly responsible for an employee, but must develop working relationships and influence the work in order to implement security processes.
COMMUNICATION SKILLS:
•Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals
•Ability to write routine reports, regulatory documents, policies and correspondence
•Ability to speak effectively before groups of customers or employees of organization
MATHEMATICAL SKILLS:
Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume
Ability to apply concepts of basic algebra and geometry
COMPUTER SKILLS:
•In-depth knowledge and experience with mainframe and client/server applications and information security issues
•Working knowledge of current marketed security tools and technologies
•Working knowledge of industry regulations (NERC CIP, Sarbanes Oxley, PCI) and industry security standards (NIST, ISO)
ANALYSIS AND PROBLEM-SOLVING ABILITY:
Ability to solve practical and complex problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
PHYSICAL DEMANDS:
While performing the duties of this job, the employee is frequently required to stand, sit, and/or walk up to 2/3 of the time. The employee must occasionally lift and/or move up to 25 pounds.
WORK ENVIRONMENT:
Office environment.
SAFETY AND ADA STATEMENT
Safety Statement:
Safety is a core value at (TXNM Energy/PNM/TNMP) and our vision, "everyone goes home safe", reflects our commitment to promoting an environment conducive to learning, improving and building safety practices. Our safety value is built upon the belief that every employee deserves to work in an environment free from harm.
Americans with Disabilities Act (ADA) Statement:
If you require assistance with the job application process due to a disability, please contact HR ADA Analyst, at 505-241-4627.