Supervisor, Security Engineering

The Supervisor, Security Engineering plays a key role in developing and administering GSOC's Critical Infrastructure Protection Program and other security initiatives to ensure cyber security of programmable electronic devices and networks that make up GSOC and GTC's digital operational infrastructure. The Supervisor, Security Engineering, develops, reviews, and implements programs and processes to ensure compliance with NERC Critical Infrastructure Protection (CIP) standards. This role leads efforts to architect, engineer, and implement innovative technology solutions that meet strategic business and security objectives and enable uninterrupted business and operations activities. Provides work direction and technical assistance to engineers in the Security Operations department. Takes a hands-on role in mentoring and developing junior team members. Provides security expertise to other projects and departments. Provides input to management on associates' performance. Provides input to management on annual budget issues and monitors expenditures to comply with the approved budget. Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, NERC, FERC and ITS requirements.

Job Duties:

- Supervision and performance management of staff, support of the processes and technology necessary for team effectiveness, and coordination of activities with other teams and departments within the FOC.

- Lead efforts to architect, engineer, and implement innovative technology solutions that meet strategic business and security objectives and enable uninterrupted business and operations activities.

- Provide work direction and technical assistance to engineers in the Security Operations department. Take a hands-on role in mentoring, coaching, and developing other team members.

- Develop, review, and implement programs and processes to ensure compliance with NERC Critical Infrastructure Protection (CIP) standards.

- Provide security expertise to other projects and departments.

- Maintain up-to-date knowledge of industry and security trends. Inform Manager, Security Operations on strategic technology and security planning.

- Provide input to management on associates' performance. Provide input to management on annual budget issues and monitors expenditures to comply with the approved budget.

Required Qualifications:

Education: Bachelor's degree in Cyber Security, Computer Science or Engineering, Information Technology, or a related field

Experience:

- Requires 10 or more years of experience with increasing responsibilities. Experience may include physical security, cyber security, network engineering, information technology, SCADA/EMS infrastructure support, managing budgets, or staff supervision. At least 3 years of experience must be in a security role. Must have experience with technical writing.

- Experience leading, motivating, and developing a team of IT/OT professionals, preferably in an engineering group supporting electric utility projects

- Experience performing security evaluations and assessments for systems, applications and networks

- Strong technical knowledge and experience with cyber security platforms, applications, tools, and industry best practices

- Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders

- Experience using industry frameworks such as NIST CSF to implement security and compliance programs and controls. Experience with developing NERC CIP Programs is highly desired

Equivalent Experience: Associates Degree in Engineering, Engineering Technology, or Business, with at least 12 years of experience, with increasing responsibility, in electronic maintenance, cyber security, and information technology. At least 5 years' experience must be in a security role. Must have experience with technical writing.

Specialized Skills: Requires excellent technical skills and the capability to understand business objectives and design technical solutions to meet those objectives. Strong verbal and written communication skills, excellent organization and time management skills, analytical and creative problem-solving skills, ability to establish and maintain effective working relationships as necessitated by the work. Familiar with electronic equipment operations and various types of cyber and physical security systems. Must be able to pass a NERC CIP personnel risk assessment screening.

Travel: 15%

Unusual Hours: Provides emergency cover in support of cyber security issues. Rotational on-call responsibilities.