Georgia System Operations Corporation (GSOC) is a non-profit cooperative that operates state-wide facilities to generate and transmit power through the Georgia power grid, providing reliable power to more than 4 million Georgians. The Supervisor, Cyber Operations, will play a key role in GSOC's Security Operations department, including a focus on meeting NERC Critical Infrastructure Protection (CIP) requirements to ensure cyber security of the programmable electronic devices and digital networks within our Operational Technology (OT) network. As a leader of cyber security analysts, you will develop programs, processes, and people to ensure compliance with NERC CIP standards as well as to implement other cyber security solutions to protect the critical infrastructure for the electric grid in Georgia.
- Manage OT security event monitoring alert response, initial triage, and escalation
- Manage OT access provisioning and revocation of accounts and roles required for CIP systems, data, and applications
- Manage OT vulnerability management and threat intelligence programs
- Manage OT asset management program for Bulk Electric System Cyber Systems and Assets
- Evaluate emerging technologies and assess their applicability to various cyber programs
- Collaborate with cross-functional teams, including operations and maintenance, engineering, audit, and IT, to ensure compliance with NERC CIP standards and other cyber programs
- Provide technical guidance and mentorship to Security Operations analysts and PSOC/NOC (Physical Security Operations Center/Network Operations Center) operators
- Supervision and performance management of staff, support of the processes and technology necessary for team effectiveness, and coordination of activities with other teams and departments within the FOC.
- Lead efforts to develop cyber programs, processes and activities that meet strategic business and security objectives and enable uninterrupted business and operations activities.
- Provide work direction and technical assistance to analysts in the Security Operations department. Take a hands-on role in mentoring, coaching, and developing other team members.
- Develop, review, and implement programs and processes to ensure compliance with NERC Critical Infrastructure Protection (CIP) standards.
- Support development of programs and processes based on projects and collaboration with other GSOC departments.
- Maintain up-to-date knowledge of industry and security trends. Inform Manager, Security Operations on strategic technology and security planning.
- Provide input to management on associates' performance. Provide input to management on annual budget issues and monitor expenditures to comply with the approved budget.
Education: Bachelor's degree in Cyber Security, Computer Science or Engineering, Information Technology, or a related field
- Requires 10 or more years of experience with increasing responsibilities. Experience may include physical security, cyber security, network engineering, information technology, SCADA/EMS infrastructure support, managing budgets, or staff supervision. At least 3 years of experience must be in a cyber security role. Must also have experience with technical writing.
- Experience leading, motivating, and developing a team of IT/OT professionals, preferably in a SOC environment.
- Experience in asset and change management principles and practices.
- Strong technical knowledge and experience with cyber security platforms, applications, tools, and industry best practices
- Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders
- Experience working in regulated environments such as NERC CIP or others is highly desired
Equivalent Experience: Associate's Degree in Engineering, Engineering Technology, or Business, with at least 12 years of experience, with increasing responsibility, in electronic maintenance, cyber security, and/or information technology as described above. At least 5 years' experience must be in a cyber security role.
Licenses, Certifications, and/or Registrations: Certifications in Cyber Security or Information Systems are a plus.
Specialized Skills: Requires strong technical skills and understanding of various security events across multiple operating system and appliance platforms. Ability to learn and adapt quickly to changes in technologies, processes, and compliance standards. Strong customer service attitude. Strong analytical skills. Ability to document resolutions to customer issues and security alerts. Resolve issues amongst a diverse group of stakeholders. Must be able to pass a NERC CIP personnel risk assessment screening.
Unusual Hours: Occasional evening and weekend work may be required to support operations and security event response. Supports customers, incident response processes, and systems after hours, as needed.