Manager, Technical Security
Rensselaer, New York, United States
Full Time, Mid-level / Intermediate, Clearance required, USD 131K - 228K
The New York Independent System Operator (NYISO) manages the efficient flow of electricity on more than 11,000 circuit-miles of high-voltage transmission lines, dispatching power from hundreds of generating units across the state.
The New York Independent System Operator (NYISO) applies cutting-edge technology to operating a reliable electricity system, managing competitive markets for wholesale electricity, and planning for the Empire State's energy future. The NYISO’s Information Technology department invites applications for a full-time Manager, Technical Security to join our team.
The Manager, Technical Security is responsible for the architecture, engineering design, implementation, and maintenance of the NYISO’s cyber security infrastructure, controls, and technologies to ensure the protection of NYISO information assets around the clock. This position is responsible for key aspects of the NYISO’s cyber security program, including security defensive platforms, cloud security, security services, and security infrastructure engineering. The Manager, IT Technical Security ensures a strong security posture across the organization, with a high degree of operational readiness, and capability to respond to continuously evolving threats and vulnerabilities through effective application of NYISO information security controls. The Manager, Technical Security maintains all platforms and controls to ensure functions are performing optimally as expected, and the appropriate controls are developed and implemented as a layer of assurance. The Manager, Technical Security establishes and maintains strong relationships with NYISO business partners to ensure the implementation of security in a manner that does not impede the effective and efficient conduct of business. The Manager, Technical Security also establishes and maintains strong external partnerships with electric sector entities, government partners, threat and intelligence providers, vendors, and other pertinent external organizations.
ESSENTIAL DUTIES and RESPONSIBILITIES
- Leads the selection, design, engineering, and development of technical security infrastructure and cloud solutions including (but not limited to) advanced endpoint protection, malware prevention, Distributed Denial of Service protection, and monitoring and management platforms. Develops security architectures to facilitate the application of security concepts and strategies such as Zero Trust into practical designs and configurations that are engineered to address evolving security challenges.
- Develops standards and programs that ensure the security of IT infrastructure, HVAC, SCADA, and ICS systems used by the NYISO.
- Oversees the security of IT infrastructure used to support the reliable operation of the electric grid and wholesale electric markets.
- Develops and implements long-range strategic planning that supports and aligns with the NYISO strategy, the NYISO business plan, and the NYISO IT strategy.
- Serves as the Compliance Responsible Manager for all Critical Infrastructure Protection (CIP) standards and requirements within assigned areas of responsibility.
- Establishes a continuous posture assessment program through methodologies such as red teaming, threat hunting, and vulnerability scanning. Provides these services with a customer-oriented approach to the Security Operations teams.
- Supports and assists the Governance, Risk & Compliance team with regulatory reporting, security program oversight, controls testing, risk management, and other functions as needed. Through his/her actions, the Manager, Technical Security establishes a culture of compliance throughout the security team, ensuring security controls, processes, and policies are effective and adhered to consistently.
- Contributes to the development of the long-range security strategy by providing insight into security trends, advances in technology, evolution of the threat landscape, and perspective on risks and mitigations appropriate for the organization. Develops plan milestones and objectives for his/her area of responsibility and manages them to completion.
- Works directly with business partners at all levels of the organization to plan and implement strong security practices in a manner that allows the efficient conduct of business and communicates those plans using strong verbal and written communications skills.
- Supervises the Security Program Lead’s functions and responsibilities including strategic planning, budget, resource planning, NYS Security Working Group oversight, security training and awareness, security partners program, the Enterprise Security Steering Committee, and special projects supporting the advancement of security.
- Leads by example through actions and behaviors that demonstrate the NYISO’s core values. Manages staff assigned to the Security Operations & Engineering team, including coaching, career development, training, scheduling, and performance management. Fosters an inclusive and rewarding culture that makes the NYISO’s security team a challenging, satisfying, and fun organization to be a part of.
- Oversees business-oriented aspects of the security team including contracting, budgeting, vendor management and asset management. Develops strong, collaborative relationships with external security vendors and service providers as a key component of the NYISO security program.
- Provides subject matter expertise to senior leadership on a broad range of technical security standards and best practices. Represents the organization at conferences, seminars, and industry events.
- Establishes effective communications and reporting of security status at all levels of the organization. Briefs executive leadership, board members, and market participants on security incidents and response, planning, and other matters.
- Establishes & maintains relationships with local, state, and federal law enforcement and other related government agencies.
- Builds relationships and forums with NYISO’s stakeholders seeking to elevate the overall security awareness and posture of NY’s electric industry.
SUPERVISORY RESPONSIBILITIES
This position does possess supervisory responsibility. Manages full-time and contract employees.
EDUCATION
- Bachelor’s Degree (BS) in Information Technology, Business, Engineering, Computer Science, or related technical field required; Master’s Degree (MS or MBA) strongly preferred.
- Significant experience managing a global cyber security function in an enterprise organization may be considered in lieu of degree requirements.
- At least seven years’ experience in cyber security positions at enterprise organizations, including three years in a supervisory or leadership role, is required.
- Broad and deep understanding of technical security concepts and familiarity with related technologies and infrastructure, as well as a solid conceptual knowledge of enterprise IT system operations.
- Demonstrable experience leading and motivating cross-functional, interdisciplinary teams, including strong enterprise security operations & incident management experience.
- Additionally, this position requires PMI-oriented project management skills, experience with department finance & budgeting, contracting and vendor negotiations.
- Experience in the energy sector and familiarity with Critical Infrastructure Protection standards is desirable.
CERTIFICATES, LICENSES, REGISTRATIONS
- Must be able to obtain and maintain a DHS, DOE, or DOD SECRET-level clearance to be granted access to classified intelligence and information.
- Professional certification, such as a CPP, CISSP, CISM, CISA or other physical and/or information security credentials, is a plus.
ADDITIONAL REQUIREMENTS
- Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, and governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to write presentations and articles for publication that conform to prescribed style and format. Ability to effectively communicate security and risk-related concepts to technical and nontechnical audiences.
- Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- Proficient with personal computers running the Windows operating system; experience with productivity software such as Microsoft Office applications, e-mail, and Internet programs.
PHYSICAL DEMANDS
While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand, walk, sit, and use hands to perform routine office tasks. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 15 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
WORK ENVIRONMENT
The noise level in the work environment is usually moderate. Contact with staff and public will occur. Travel may be required to attend and/or conduct meetings, conferences, and training. This position may require work on nights, weekends, or holidays.
The NYISO offers the flexibility to work both in the office and remotely, providing our employees with an enhanced work-life balance. While the majority of the responsibilities of this role can be performed remotely, in most cases, employees will have periodic on-site requirements based on business needs.
The NYISO takes pride in recruiting, developing and retaining highly talented individuals. In addition to competitive salaries, we offer a comprehensive benefits package and innovative reward programs.
All offers of employment will be made contingent upon the successful completion of a drug screening and background check.
The NYISO is an Equal Opportunity Employer and as such, does not discriminate in its hiring or employment practices.
Salary Range: $131,700—$228,400 USD
Tags: CISA CISM CISSP Clearance Cloud Compliance Computer Science DoD Finance Governance ICS IT infrastructure Malware Monitoring Red team Risk management SCADA Security strategy Strategy Vendor management Vulnerabilities Windows Zero Trust
Perks/benefits: Career development Competitive pay Conferences Team events Travel