Sr Manager Security Resilience

Deadline to Apply: October 31, 2024 at 11:59 p.m. CDT
We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve.  Together, we are powering the growth and success of our community progress every day!

Pay Grade

Level 20 Pay Grade

Position Summary

Integrated Security is responsible for the overall security of the company's personnel, physical and IT assets, and facilities. Based on security risks, Integrated Security establishes and continuously improves security policies, procedures & standards, infrastructure, human and technical preventive measures, employee security awareness, alarm, and incident response capabilities, etc., to safeguard the company's business operations.  Sr. Manager of Security Resilience will oversee and coordinate incident and emergency management, business continuity, and cyber and physical security operations. These efforts include managing personnel to meet Integrated Security’s Defense & Response team, security awareness, execution of full scale and tabletop exercises, enterprise resilience, security readiness, and ensuring business continuity and emergency management, and all cyber and physical security operations. 

Tasks and Responsibilities

• Oversee the day-to-day performance of personnel within the Security Defense & Response team.
• Develop, implement, and monitor strategic security programs for security operations, business continuity, and emergency response.
• Develop and manage budgets for Security Defense & Response and monitor them for variances.
• Develop and manage key performance indicators, metrics to measures for Security Defense & Response.
• Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support security goals and objectives, and reduce overall organizational risk.  
• Promote awareness of security issues related to cyber and physical security operations and business continuity and emergency management among management.
• Ensure cyber and physical security operations are functioning at approved levels. 
• Oversee the implementation and release of new cyber and physical security tools implemented by Security Innovation.
• Manage internal/external emergency preparedness and operation plans, incident management plans and the Business continuity program. 
• Provide recommendations of potential mitigation strategies on business risks
• Partner with adjacent organizations to ensure security and business resilience/continuity requirements are being met and comply with the Integrated Security strategy.
• Lead the organization in performing enterprise-wide full scale/tabletop security exercises and third-party penetration test.   
• Coordinate and provide expert support to enterprise-wide Incident Management team to resolve and/or manage all incidents.
• Ensure positive public relations and engagement with community stakeholders.
• Perform other duties as assigned

Minimum Skills

Minimum Knowledge and Abilities

Knowledge of cyber and physical security and business continuity and emergency management.Knowledge of specific operational impacts of security lapses.Knowledge of Learning Management Systems and their use in managing learning.Knowledge of risk management framework requirementsKnowledge of principles and process for conducting training and education needs assessments.Knowledge of the organization core business/mission processes.Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.Knowledge of business continuity and disaster recovery continuity of operations plans.Knowledge of incident categories, incident responses, and timelines for responses.Knowledge of incident response and handling methodologies.Skill identifying gaps in technical capabilities.Skill identifying gaps in operational effectiveness of security policies, processes, procedures, and programs.Skill in preparing and presenting briefings.Skill in preparing plans and related correspondence.Skill to apply cyber and physical security principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).Ability to develop policy, plans, and strategy in compliance with laws, regulation, policies and standards in support organizational cyber and physical security activities.Ability to develop, update, and/or maintain standard operating procedures (SOPs).Ability to work with local, state and federal law enforcement and emergency management.Valid Class C Texas Driver’s License / Must have favorable driving record.

Preferred Qualifications

• Master’s degree in information technology, Computer Science, Criminal Justice, Emergency Management Business Administration, or related field from an accredited university.
• Certified Information Systems Security Professional (CISSP)
• Certified Protection Professional CPP
• Local, State or Federal Law Enforcement Experience 
• Business Continuity, Incident Management based certifications, e.g. IAEM, etc. 
   

Competencies

Assembling TalentEstablishing RelationshipsResolving ConflictCommunicates EffectivelyManaging PerformanceDeveloping Plans

Minimum Education

Bachelor’s degree in Information Technology, Computer Science, Criminal Justice Cybersecurity, Business or related field from an accredited university.

Required Certifications

Working Environment

Indoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi-functioning printer and calculator.Ability to travel to and from meetings, training sessions or other business related events.

Physical Demands

Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body.Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations.