Director, Critical Infrastructure Security

Full Time
Taylor, TX
Areas of Interest: Computer Network Defense (CND) Infrastructure Support
report a problem
Overview


ERCOT is looking for motivated people to join our team in contributing to something that impacts all of us – reliable electric power. Join our growing organization in the important mission of operating the electric grid reliably; providing fair access to the competitive electricity markets; helping the electric markets to operate efficiently; and planning for the future.

 

Responsible for the security of personnel, information and physical assets, operations and security compliance.

JOB SUMMARY  
Directs the Information Security, Physical Security and Compliance Monitoring groups in developing and implementing enterprise wide cyber and physical security, security compliance and compliance training initiatives. Responsible for establishing and communicating security best practices to ERCOT personnel. Responsible for maintaining compliance with the NERC Critical Infrastructure Protection requirements and communicating security policies and expectations for the Texas Electric Market participant companies. 

 

POSITION DESCRIPTION

Essential Job Duties and Tasks

  • Directs and oversees the work of security departments and security programs for the corporate enterprise.
  • Responsible for hiring, coaching, training, and performance management of staff.
  • Develops an overall integrated security strategy (physical, personnel, cyber) consistent with strategic plans, identified goals, objectives and metrics related to Physical protection responsibilities which include asset protection, personnel security, access control systems and video surveillance;  Information protection responsibilities which includes infrastructure security architecture, infrastructure monitoring, policy development, personnel education and awareness, and Security compliance responsibilities which include compliance monitoring and personnel training. 
  • Evaluates enterprise operations and identify the relevant security needs for the organization through various interactions with other groups to identify key corporate security initiatives and standards.
  • Develops and maintains an Enterprise security threat / risk model which identifies protection goals and mitigation strategies that are or must be implemented to lower the security and compliance risk.
  • Works with ERCOT management to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology.
  • Manages the development and implementation of corporate security policy, standards, guidelines and procedures to ensure ongoing maintenance of security. 
  • Leads the implementation of strategic and tactical initiatives for mitigation of risks, measure departmental compliance and provides feedback on a periodic basis for process improvement.
  • Promotes security best practices through enterprise wide security awareness programs, specialized security training for high risk areas on a periodic schedule and lead multi-departmental security initiatives that implement identified mitigation strategies.
  • Maintains knowledge of NERC Critical Infrastructure Protection Standards and ensures comprehensive implementation of compliance controls.
  • Maintain awareness of security and IT industry changes and future technologies.
  • Provides periodic management reports on Security group activities to the Executive team, the Board of Directors, the Texas Public Utility Commission and industry regulatory agencies (NERC and FERC) as required.
  • Maintains a record of, and leads the response to all security incidents within the company. 
  • Maintains a working relationship with local, state and federal government agencies that provide law enforcement and security incidence response.
  • Assists with defining goals and identifying risk areas for internal and external agency security audits and leading the management response for the audit security-related findings.
  • Assists in preparation of the organization’s emergency management and contingency plans and the Security department’s annual budget.
  • Knowledgeable of security for Supervisory Control and Data Acquisition (SCADA) and Energy Management Systems (EMS) and domain-specific knowledge about ERCOT’s control systems infrastructure and security controls.
  • Maintains a solid understanding of information technology and information security

QUALIFICATIONS 
Education

  • Bachelor’s degree in Business, Computer Science, Criminal Justice or related field or six years applicable experience is required.  
  • Master’s degree in Business Administration, Criminal Justice or related field is preferred

Certifications & Licenses

  • Certifications such as Certified Information Systems Manager (CISM), Certified Information Systems Security Professional (CISSP) or GIAC strongly preferred.

Work Experience

  • Minimum of eight (8) years (in excess of degree requirements stated above) of progressively responsible experience in information security.
  • Minimum of five (5) years of experience in a managerial role.



Share this job:

Electric Reliability Council of Texas

The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to 24 million Texas customers - representing about 90 percent of the state's electric load. As the independent system operator for the region, ERCOT schedules power on an electric grid that connects more than 43,000 miles of transmission lines and 550 generation units. ERCOT also performs financial settlement for the competitive wholesale bulk-power market and administers retail switching for 7 million premises in competitive choice areas. ERCOT is a membership-based 501(c)(4) nonprofit corporation, governed by a board of directors and subject to oversight by the Public Utility Commission of Texas and the Texas Legislature. ERCOT's members include consumers, cooperatives, generators, power marketers, retail electric providers, investor-owned electric utilities (transmission and distribution providers), and municipal-owned electric utilities.
Visit Electric Reliability Council of Texas's Social Media pages:
Company Industry: Utilities
Company Type: Non Profit
Company Size: 501-1000