This position is available to work in a hybrid work from home capacity. The manager will discuss this in more detail at time of interview. Candidates will need to be local to the Hampton area. If not, they will need to relocate to the area to be considered for this role.
More than a utility company, Unitil provides energy for life.
Our work helps keep homes comfortable, businesses thriving and communities connected. Unitil is an investor-owned public utility proudly serving Maine, Massachusetts and New Hampshire. We are dedicated to delivering energy to our customers safely and reliably.
Unitil is committed to creating an inclusive environment that welcomes and values the differences among all of our employees, customers, suppliers and the communities in which we live and conduct business. The continued success of Unitil is enhanced through initiatives that promote diversity and value our employees.
Take advantage of a comprehensive benefits package.
Unitil offers competitive salaries, a consumer-driven health plan, dental and vision coverage, flexible work, company-paid holidays, a robust, highly competitive retirement plan and educational assistance.
- Note: Benefit offerings may differ between union and non-union employee groups
Works closely with the Director of Information Security to develop and implement strategies that will help protect company assets. Assists in determining the best protocol to ensure cybersecurity best practices are being followed. Manages the hiring and training process for cybersecurity personnel. Oversees daily security operations, to include assessments of IT security/risk posture within the IT network, systems and software applications, as well as assessments within the Vendor Management Program. Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Evaluates IT management solutions to facilitate continuous process improvement and ensure the solution(s) still meet business needs. Assists in the monitoring of IT compliance with SOX, CIS, NERC/CIP, Mass. Privacy and other legal and regulatory authorities. Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications. Provides backup for cyber team members, as needed.
- Management of IT security and IT risk (e.g., data systems, network and/or web, cloud) across the enterprise.
- Address questions from internal and external audits and examinations.
- Assessment of security posture for Unitil vendors.
- Perform activities that ensure the security of corporate data, privacy, and record confidentiality
- Participate in periodic risk assessments, to ensure compliance with security standards
- Develop and maintain processes to assess cyber risk, prioritize and facilitate patching and other remediation efforts for workstations, servers and appliances
- Maintain a comprehensive sensitive data inventory and provide data protection strategies appropriate to risk.
- Implement compliance activities with IT Policies, procedures and tests including the Written Information Security, Asset Management, Disaster Recovery, Change Management, Problem Management, and Security Plans
- Assist in coordination of cyber drills, exercises and assessments with internal and external stakeholders
- Identify security risks and exposures, and participate in response activities
- Provide reporting needed for IT Control monitoring and responses to external audits, external penetration tests and vulnerability assessments.
- Fulfill audit requests by providing supporting evidence.
- Evaluate software and vendor security assessments and assist in managing the program
- Report on compliance activities related to IT NERC, SOX, MA Privacy, PCI and other IT compliancy programs for the company.
- Follow IT policies and procedures to ensure the security of information assets against unauthorized or accidental modification, destruction, or disclosure. Work with Application Owners to obtain proper documentation for system/application changes
- Maintain cyber metrics related to threats and vulnerabilities
- Work with Director, Information Security, on department budget process
- Hire, train, and oversee daily operations of cybersecurity staff
- Assist with the development of company policies and guidelines, as it pertains to implementing cybersecurity best practices
- Provide cybersecurity status and emerging threat reports, as needed
- Take a leadership position on projects involving network design or the cyber tool stack
Assist the Director of Information Security, and other Subject Matter Experts, in the evaluation and implementation of tools, policies and configurations to improve data security and business controls. Research new technologies and/or processes that will assist in achieving these goals.
- BS/BA in Computer Science or a related field
- 10+ years - Progressive experience in IT/Cybersecurity
- 5 years – Related supervisory and/or lead experience
- Proven ability to engage with Senior Management and regulators
- Experience with Endpoint Detection & Response (EDR/XDR), automation (SOAR) and SIEM tools
- Knowledge of technical infrastructure, networks, databases and systems
- In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence
- Communication for Technical Leadership - Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.)
- Strong analytical skills and attention to detail
- Project Delivery - Proven ability executing projects in a collaborative, fast paced environment
- Vendor / Contract Management - Ability to build effective relationships with third party providers, suppliers, and partners.
- Advanced technical degree and/or Cybersecurity Certifications preferred
Unitil is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.