Accessibility Links

Lead Cyber Security Specialist (Utilities)

  • Job type: Permanent
  • Job reference: : BBBH112455
  • Location: USA, New York, Pearl River
  • Sector: T&D, Utilities
  • Salary: Negotiable
  • Date posted: 25/09/2017
This vacancy has now expired.
Purpose: This position requires a "hands-on" technically and managerially qualified contributor with broad and appropriate electrical utility and computer security experience. Must have the ability to organize, plan, coordinate, manage, and control the position's assigned responsibilities in an efficient and cost-effective manner. The individual must have outstanding managerial abilities (technical knowledge, project management, business acumen, etc.) and a proven track record of relative performance. The Senior Specialist will be responsible for daily operation and providing technical oversight of the systems and related documentation that are subject to Critical Infrastructure Protection Standards (CIPS). Under the direction and guidance of the Section Manager, results required include sustaining compliance with CIPS, review and analysis of pending and approved standards and requirements, and preparing definitive statements of compliance and evidence for reporting purposes. The Senior Specialist may represent the company through participation and attendance at NPCC, RFC and NERC standards related and other regulatory agency activities as required.

Major Responsibilities:
1. Ensures implementation of Company safety, health and environmental programs for employees whose work is directed. Ensures that safe work practices are followed and the environment is fully protected in accordance with Company policy and governmental regulations.
2. Commitment to the Way We Work Principles, and adhere to the Company's Standards of Business Conduct and other Company procedures including Environmental, Health and Safety ("EH&S"), Equal Employment Opportunity ("EEO"), discipline, and security.
3. Is dedicated to enhancing the Customer Experience, both within the Company and externally and demonstrates a commitment to the ideal of developing a proactive, customer-centric culture to foster trust and confidence among customers and improve value for all our stakeholders.
4. Develops and maintains working knowledge of FERC, NERC, Regional Entity (eg NPCC and RF), State, and Reliability Coordinator (NYISO and PJM) mandatory reliability standards applicable as the company is registered on the compliance registry, and standards development, implementation and auditing processes.
5. Responsible for the continuing development, implementation, and oversight of the Critical Infrastructure Protection Program and all company and corporate CIPS related Policies, Procedures to assure sustained compliance with the latest CIP standards.
6. Draft and implement policies/procedures to assure compliance with approved, future enforceable NERC CIP standards. Strong project management skills will be required to coordinate efforts between ECC support staff, ECC System Operators, T&S Engineering, and Substations.
7. Performs assigned day-to-day technical and administrative tasks associated with NERC Standards Compliance Program including coordination of in effect CIP standards review across the appropriate operating and engineering areas; ensures the necessary documentation exists to support auditable compliance prior to certifications to regulatory entities in accordance with established policies
8. Manages and maintains intrusion detection systems (IDS) for monitoring of BES Cyber Systems and supporting infrastructure
9. Manages and maintains the physical access control system (PACS) for monitoring the Physical Security Perimeter of Critical Assets.
10. Manages and maintains ECC change management systems for controlling changes to BES Cyber Systems within the ECC and substations.
11. Responds to NERC Alerts and provides oversight for the administration of participation in the NERC Alert System and the Corporate Cyber Security Team.
12. Conducts programmatic internal assessments of the department's compliance program's required actions, maintain schedules, monitor performance, identify corrective actions, develop action plans to implement solutions, and actively promote continuous improvement.
13. Is responsible for the timely, accurate and well-documented submittal of data to the appropriate regulatory agencies including NPCC, RFC, NYISO, PJM, NERC, FERC, and participate in regulatory performance assessments.
14. Prepares for, conducts and documents tests and drills as required for CIP compliance.
15. Creates and publishes periodic communication updates to appropriate company personnel in accordance with applicable NERC Reliability and Critical Infrastructure Protection Standards.
16. Coordinates compliance activity with appropriate CECONY personnel, neighboring companies, and regulatory contacts to ensure that joint activity commitments are being addressed, and best practices are being employed.
17. Participate in groups and committees in line with relevant efforts and initiatives. Represent the department and Company on internal and external committees, as assigned.
18. Performs other related duties and assignments, as required.

Specific Requirements of the Job:
Education - Bachelor's Degree (Engineering, Information Technology Systems/Security or Computer Science preferred) with a minimum of 3 years experience OR Associate's Degree with a minimum of 5 years experience.

Spencer Ogden is acting as an Employment Agency in relation to this vacancy.