Our client, a leading U.S. energy company, seeks an experienced cyber security professional to join our Technology Security organization. The primary role will be focused on a new sector-wide program to address national-level risk, primarily focused on but not limited to cyber risk. (S)he will coordinate across critical infrastructure sectors, including the communications sector, financial services sector, and the energy sector; the three main components of the Tri-Sector Executive Working Group. In addition, the role will work across our client's functions to enable key cyber policy objectives.
This role is part of a strategic effort to expand public-private sector stakeholders to mitigate cyber threats to our energy infrastructure. Acting as coordinator and liaison between the company and an analysis and resilience center, the individual in this position will leverage his/her subject matter expertise to ensure the pace, substance, and outcomes of each effort are meeting the objectives of the overall program. The candidate will work to assess, mitigate and respond to systemic risk facing our client and the subsector at large.
The selected individual will leverage his/her experience in cyber security and understanding of US Government agencies (authorities, missions, capabilities, strengths) to plan or execute actions in line with the overall vision that strengthens national security and better secures our client. The person will engage on a variety of cyber-related topics across various business units, including our client's Technology Security, Strategic Security Policy Director, our client’s Government Affairs office, and others. S(he) will analyze actions, gaps, outstanding risks, and other programmatic needs for each of the individual initiatives within the overall effort, with the goal of advancing complex interrelated projects across a diverse set of stakeholders.
MAJOR JOB RESPONSIBILITIES:
- Execute assigned aspects the company’s analysis and resilience center and tri-sector engagement, taking a collaborative approach to risk management through prioritization, planning, and response.
- Work with management to plan, execute, and oversee projects and engagements that further various initiatives
- Successfully represent our client, including policies and opinions, to outside organizations, potentially including engagements with high-level officials and senior executives.
- Drive the overall community (both public and private) though innovation and out-of-the-box ideas to better secure critical infrastructure – be a thought leader in this space
- Coordinate, engage, and collaborate with similar functions at peer utilities
- Monitor and report on the result of agreements and actions across multiple government agency stakeholders and internal company organizations for areas of responsibility
- Track, review, and report progress of each effort against plans
- Assess the risks to each project and advise on potential solutions to technical or policy roadblocks
- Assist in the implementation of innovative processes, strategies, technologies, and operations for public-private partnership
- Manage communication plans and patterns with government stakeholders regarding cyber threats, incidents, sector-specific issues, and other engagements
- Travel is expected to be around 20%, but will vary on individual preferences, current goals, training goals, and operational tempo
- Must have or be able to obtain a Top Secret US Government Clearance.
Required Knowledge, Skills, Abilities, Experience and Education:
- BA/BS in computer science, technology, engineering, cyber policy, or other security-related field or equivalent experience
- Minimum of seven (7) years of relevant professional security experience, or five (5) years with Master’s degree
- Experience across the US Government and ideally the US Intelligence Community, understanding risk analysis, collection requirements, and analysis
- Subject matter expertise working on cyber (or similar) security issues jointly with the federal government
- Understanding of current threats facing the electric and natural gas sectors, either on a technical and/or a policy level
- Knowledge of Operational Security (OpSec) principles for cyber operations, information sharing, and information protection
- Strong interpersonal skills and experience working with government staff, both military and civilian
- Ability to collaborate effectively with all levels of personnel, executives, stakeholders, and government contractors
- Demonstrated ability to lead others through influence
- Excellent attention to detail, verbal/written communication skills, and strong organization and time management skills, as well as the ability to effectively manage multiple tasks simultaneously under general supervision
- Demonstrated ability to achieve timely project execution
- Independent thinker with strong analytical and problem-solving skills
- Experience communicating with senior stakeholders inside and outside the company
Preferred Knowledge, Skills, Abilities, Experience and Education:
- Existing professional network with federal government partners
- Understanding of various federal legal authorities under which key agencies operate
- Knowledge of regulatory and policy environment as it applies to electricity and natural gas generation, transmission, and distribution
- Familiarity with global cyber threats to the energy sector and financial services sector.
- Relevant professional certifications (PMP, CISM or CISSP)
- Masters or higher, ideally in a cyber security-related field