- Job Type:
- Job Category: Information Technology
- Location: Albuquerque, New Mexico, United States
- Education Level:
- Apply URL: https://jobs.pnmresources.com/psc/pnmjobs/EMPLOYEE/HRMS/c/HRS_HRAM.HRS_APP_SCHJOB.GBL?Page=HRS_APP_JBPST&Action=U&SiteId=10&FOCUS=Employee&JobOpeningId=6086581&PostingSeq=1
PNM Resources, Albuquerque, NM
Applications must be submitted by:
October 6, 2019
This position is covered by NERC CIP cyber security standards. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check.
Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required.
Directs and manages a team that designs and implements security and compliance solutions to support utility operations and corporate systems for both PNM and TNMP. Partners across the enterprise and with external stakeholders to formalize application plans and oversee the successful delivery of related projects including activities for support of security compliance and best practices including NERC CIP standards
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Ensures that technology and security for the operations areas and corporate environment is planned and implemented with a full understanding of how it will benefit/impact the company's overall vision, mission, and operation; directs and oversees the development and delivery of technical training on new and emerging technologies as part of implementation or as requested
Facilitates development, testing and installation of cyber and physical security technology solutions, including but not limited to: firewalls, network switches and routers, security event monitoring, log management tools, anti-virus/malware prevention tools, and vulnerability assessment solutions
Leads and directs development and implementation of NERC CIP solutions and ensures practices adhere to applicable compliance requirements, guidelines, procedures and policies
Negotiates, updates, manages, and reports on, service level agreements and addendums in support of security solutions utilized by operations and corporate personnel
Manages the annual departmental budget, which supports the implementation of approved plans and projects across multiple areas of the PNM Resources enterprise as it relates to security technology
Supports and facilitates performance monitoring against established plan to stay within budget, ensures client satisfaction and establishes a quality assurance process to ensure delivery of quality services, and expected availability of systems
Develops metrics to ensure process success or areas of improvement and follows up with issues including developing solutions. Supports monitoring of daily performance of all roles to ensure proper results are being delivered and establish and manage key performance metrics and indicators for technology solutions and the team
Participates as key member of senior technology management team to develop, coordinate, and execute overall Information Technology and IS Business Plans
Supports Security, technology groups and other departments with continuity planning including incident event management, incident response, and disaster recovery
Assists with development of control system and information system strategy and design for network security and system architecture
Provides specialized engineering and field expertise and project support in areas of security and technology deployment. Aligns security and compliance solutions with Company vision and strategy, consistent with the technology roadmap that marries existing infrastructure and applications with implementation of new/advanced technologies
Leads technology-related compliance activities, including development of documentation required for self-certifications, on-site audits, and the preparation of self-reports and mitigation plans for regulatory violations.
Acts as a subject matter expert to process and respond to physical and cyber security alerts issued through the ES-ISAC, ICS-CERT, US-CERT as applicable.
Participates in internal and external spot checks and reviews to ensure compliance with regulatory standards, internal security policy, and coordinates with PNMR internal audit staff, as appropriate
Demonstrated ability to effectively direct and manage geographically distributed people through developing, empowering, motivating, and appropriate decision making, while maintaining successful working relationships
In-depth understanding of technology, compliance and security directions, trends and strategic business impacts of key business and technology initiatives
Excellent interpersonal skills and the ability to work effectively across the organization as well as outside stakeholders, including, but not limited to, national and international organizations, governmental agencies/entities, universities, national laboratories, and vendors
Ability to actively participate in industry strategy, policy setting, planning, operating and/or commercial practices committees such as the WICF, EEI, WECC, & NERC
Knowledge of electric distribution, transmission, and generation systems
Proven ability as a high energy, results-oriented leader who can work collaboratively with colleagues and teams that are geographically dispersed
Ability as an analytical and critical thinker with attention to detail who regularly seeks innovative solutions to complex business and technology issues
Ability to generate trust, build alliances and establish immediate credibility within the company, and with external organizations and vendors
Ability to operate in a transforming environment and culture, and to create change, advance ideas and be comfortable with ambiguity
Knowledge of the company's budget process, preparation, and interrelationships with other department budget
MINIMUM EDUCATION AND/OR EXPERIENCE
Bachelor's degree in Computer Science, Engineering, Information Systems, Information Security or relevant degree with seven to nine years of related experience, to include two years of management experience, or equivalent combination of education and/or experience related to the discipline
Master's degree is preferred
Certification in security or systems control related field:
CISSP, CISA, CISM, or generally accepted equivalent is required.
Hires, develops, trains, evaluates, and supervises geographically dispersed staff, including managers. Directs, organizes, prioritizes, and schedules work assignments. Responsible for employee development mentoring and performance management skills.
Ability to operate standard company administrative programs
Working knowledge of spreadsheet and word processing software
Ability to load, operate, and understand engineering and financial based programs
Ability to understand cyber security approaches and systems.
Strong working knowledge of current marketed security tools and technologies
Strong working knowledge of industry regulations (NERC CIP, Sarbanes Oxley, PCI) and industry security standards (NIST, ISO)
ANALYSIS AND PROBLEM-SOLVING ABILITY
Ability to identify and define problems and process breakdowns. Ability to collect data, establish facts, and draw valid and concrete conclusions that can be acted upon. Ability to apply creativity to problem solving and utilize analytic skills and modeling capabilities to provide ongoing insight into the business and to make high level strategy recommendations and decisions.
Ability to conduct and guide enterprise Information Security project and operations activities and practices within the bounds of approved security programs and policies, and in accordance generally accepted security principles and standards.
SCOPE AND IMPACT:
Electronically protects all enterprise computing platforms for the purpose of providing and preserving confidentiality, integrity, and availability of all corporate systems, applications and data. Electronic protection of systems within the scope of this position is intended to minimize potential costs directly related to operational, legal, regulatory, and reputation risk from loss of enterprise system operation or confidential or proprietary information.
Minimum Midpoint Maximum
$84,773 - $114,443 - $144,114
EQUAL OPPORTUNITY STATEMENT
PNM Resources and affiliates are Equal Opportunity/Affirmative Action employers. Women, minorities, disabled individuals and veterans are encouraged to apply.