Senior Manager - Detection & Response
Avangrid

Rochester, New York

Posted in Utilities


This job has expired.

Job Info


Job Summary

The Senior Manager, Cyber Detection & Response is responsible for the overall response to security incidents and threats within Avangrid's Operation Smart Grid (OSG) and other business units (BUs), including Control Systems and Automation, OSG Telecommunications, OSG Infrastructure, OSG AMI, Distributed Automation, Process & Technology, Innovation, Corporate Security, Corporate Risk, Legal, Insurance, Audit, Investment Planning, and Regulatory. This role requires the ability to fully engage in all phases of the incident lifecycle, managing both direct and indirect reports, understanding threats, and providing oversight of mitigations. The role also includes management and oversight of Cybersecurity Operations (CSOC).

Responsibilities

MAJOR ROLES AND RESPONSIBILITIES (Scope of work - range of responsibilities):

• Lead the development and deployment of security services and solutions in support of Avangrid's evolution towards a zero-trust security framework
• Support the shift in philosophy of how critical infrastructure is secured from verify once at the perimeter to continual verification of each user, device, application, and transaction
• Establish a security incident detection and response program for OSG that is well defined, highly available, repeatable, and is constantly measured for Key performance, Key risk, and Key operational level metrics
• Identify, respond to, and mitigate threats to Avangrid and its affiliated entities
• Conduct incident response activities, including advanced investigation (forensic, malware analyses, root cause analysis etc.) to investigate potential intrusions and develop remediation guidance
• Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
• Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
• Coordinate and drive efforts among multiple IT and OT business units during response activities and post-mortem
• Proactive monitoring of internal and external-facing environment using specialized security applications
• Provide timely, comprehensive, and accurate information to OSG leadership in both written and verbal communication.
• Proactively research and monitor security-related information sources to aid in the identification of threats to Avangrid networks, systems and Avangrid control systems.
• Lead, mentor, and develop other staff members on incident response, analysis, and tools
• Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
• Participate in and develop security incident and penetration testing procedures, including penetration testing criteria, performance of testing, and implementation of lessons learned
• Oversee communication of reportable cyber incidents with government entities
• Lead development and integration of a cyber security incident detection and response program in support of AVANGRID Networks

Skills and Requirements

Education & Experience Required:

• Master's Degree in Engineering, Computer Science, or technical related degree with a minimum of 7+ years' experience in Cybersecurity
• Bachelor's Degree in Engineering, Computer Science, or technical related degree with a minimum of 10+ years' experience in Cybersecurity
• Associate Degree in Engineering, Computer Science, or technical related degree with a minimum of 15+ years' experience in Cybersecurity
• 5+ years' experience in Business Decision Support including Cybersecurity Operations and Performance/Metrics reporting.
• Relevant technical security certifications (GIAC, EC-Council, ISC-2, etc.); optionally, security architecture/management certifications (ISO27000, ISACA, etc.) as well
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations, etc.
• Proven experience analyzing security events and incidents to determine root cause and provide resolution; working experience against advanced persistent threats is a plus.
• Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security.
• Competence in using both internal and external ticketing systems for ITIL-based incident, problem & change management
• Excellent oral and written communication skills
• Experience working with Cyber Threat Intelligence, Red Teams, and Threat Defense and Hunting teams
• Experience working with international teams
• Customer oriented leader capable of communicating to technical and executive stakeholders
• 8+ years of Information Security experience
• Experience with Access Controls systems and solutions (SSO, AD, TACACS, MFA, cloud based)
• Experience with a variety of information and network security infrastructure and tools (SIEM, IDS/IPS, firewall, WAF, configuration management)
• Experience with key security process and procedures (system hardening, patch management, vulnerability management, log management, access controls, supplier management, information classification/handling)
• Experience with common security operations services (access management, electronic perimeter management, baseline management, vulnerability assessments)
• 3-4 years of senior SOC analyst experience
• Threat Intelligence or Forensic background is a plus

Desired Skills/ Abilities:
• Knowledge of federal government cybersecurity activities and practices
• Experience in federal or state regulatory environments
• Experience in federal cybersecurity agencies and environments
• Experience in a utility environment
• Certified Information Systems Security Professional (CISSP)
• GIAC Security Operations Certified (GSOC)
• Security clearance

Skills/ Abilities:
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders
• An ability to effectively influence others to modify their opinions, plans, or behaviors
• Proactive attitude, seeking improvement opportunities that can positively impact the security posture and the business
• An ability to work extremely well under pressure while maintaining a professional image and approach
• Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

Competencies

  • Be a role model
  • Be agile
  • Collaborate and Share
  • Develop Self & Others
  • Empower to grow
  • Focus to achieve results
  • Technical Skills

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country.

Avangrid employees may be assigned a system emergency role and, in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRID Network and Corporate functions. This does not include those that will work for Avangrid Renewables.

AVANGRID's employment practices and policies are geared to hiring a diverse workforce and sustaining an inclusive culture. At AVANGRID we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law. Learn more about equal employment by following this link

If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our Human Resources department at 203-499-2777 or careers@avangrid.com

Nearest Major Market: New Haven
Nearest Secondary Market: Hartford

