Essential Functions: As defined under the Americans with Disabilities Act, these include the following responsibilities, minimum job knowledge, skills, and abilities. This is not necessarily an all-inclusive listing. Position-Related Duties:
- Ensure appropriate IT Security team involvement in all technology projects that may impact the security of customer, employee or business information.Review all non-standard system-related security plans throughout the organization's network, acting as a liaison to other areas of Information Services.
- Serve as an internal information security consultant to the organization.Advise the organization with current information about information securitytechnologies and related regulatory issues.
- Identify, recommend, and implement IT Securitytechnologies for UNS.Coordinate proofs of concept for new technologies.
- Provide or ensure effective project leadership for assignments and initiatives IT Security is involved in.
- Direct and oversee the acquisition, development, and/or integration of IT Securitytechnology solutions in order to achieve timely and cost-effective implementation and operation.Define standards for ongoing system operations, processes, practices and tools across the IT Security team.
- Research and keep abreast of new Information Technologies and assist in evaluating for appropriate application within the company.
- Direct, supervise and mentor the IT SecurityEngineering staff, including outside consultants as needed.
- Assist the Manager, IT Security with the definition of relevant IT security strategies, the development and management of budgets which support the cost-effective implementation of IT security strategies, tactics and operating plans.
- Ensure that the Company’s management principles, policies and programs are consistently practiced and continually support the Affirmative Action Plan.
- Comply with and administer the terms and conditions of the Collective Bargaining Agreement.
- Assume fiduciary responsibility for operating the business and provides recommendations on cost improvement measures.
- Ensure that the Performance Management program is administered uniformly and effectively.
- Mentors staff and peers to enhance their understanding of IT security processes and technologies.
Knowledge, skills and abilities: Minimum Requirements:
- Minimum three years of experience in an Information Technology leadership capacity.
- Six or more years working as an IT Security Analyst, Architect or Engineer involving various IT securitytechnologies including: firewalls and host-based firewalls, intrusion detection systems, intrusion prevention systems, anti-virus or malware systems, zero-day vulnerability analysis tools, vulnerability assessment software, authentication and single sign-on, access control/provisioning, secure file transport, encryption, remote access, logging and monitoring, network monitoring, file integrity, internet directory services, forensic and investigation tools.
- A high degree of human relation skills are required to deal with personnel situations and maintain positive relations with other areas of the company.
- Broad-based business knowledge, including budgeting, financial analysis and project management, including the ability to prioritize and meet deadlines, with emphasis on accuracy and attention to detail.
- A demonstrated ability to communicate effectively at all levels, including public speaking and business writing.
- Experience in an Information Technology supervisory capacity.
- Degree in Business Administration, Management Information Systems, Computer science, Cyber Security, or related discipline is preferred.
- Experience at companies with more than 500 end-users.
- One or more certifications in an IT Security discipline, such as Certified Information Systems Security Professional (CISSP), CISM, CEH, CHFI, ECSA, CISM, CCSA, ISSAP, ISSEP, CCFE, CASS, GSEC, GCIH, GCIA, GCFA, GPEN, GCFW, GWAPT, GCWN, GCFE, Security +
- Minimum three years of experience with and knowledge of IT audit principles and regulations, including: NERC CIP, ISO, COBIT, ITIL, NIST, Sarbanes-Oxley, PCI and HIPAA is preferred.
- A broad utility business experience is preferred with emphasis on real-time utility operations, such as Energy Management Systems, transmission & distributionengineering, and generation engineering.