Sr. Manager - IT Security

Position Information:

Job Title: Sr. Manager - IT Security

Location: Orange, CT

Salary Range: $155,600 - $194,500

Schedule: On Site - Office

Job Summary

The Sr. Manager, Network & Infrastructure Security is accountable for the security-by-design, operational resiliency, and lifecycle governance of Avangrid's network security and enterprise infrastructure security platforms. This role leads two teams responsible for protecting connectivity and critical IT services across the enterprise: (1) Network Security (firewalls, IPS/IDS, network segmentation, perimeter security, and cloud network security) and (2) Infrastructure Security / IT Security (enterprise security platforms, identity & access management, privileged access, endpoint security, vulnerability management, and compliance support).

Key Responsibilities

Strategy, Roadmap and Operating Model

• Leads and integrates Network Security and Infrastructure Security capabilities, establishing a cohesive operating model, clear ownership, and measurable outcomes for protection of enterprise connectivity and IT platforms.
• Defines the technology strategy, target-state architecture, and multi-year roadmaps for network security and enterprise infrastructure security services, aligned to Avangrid standards, business priorities, and the enterprise risk posture.
• Establishes lifecycle management programs to ensure security technologies are correctly deployed, maintained, patched, and modernized; manages roadmaps aligned to enterprise strategy, technology evolution, and continuous transformation.

Network Security and Infrastructure Security Platforms

• Provides leadership over current and future enterprise security technologies and services, including platforms such as Fortinet, Palo Alto, Check Point, Cisco, WAF and edge security platforms such as Akamai WAF, secure web gateway/proxy platforms such as Zscaler, privileged access platforms such as CyberArk, network detection and response platforms such as ExtraHop, or equivalent enterprise technologies.
• Defines and governs engineering standards, reference architectures, and technology guardrails for network security controls (e.g., perimeter, segmentation, IDS/IPS, and cloud network security) and infrastructure security platforms (e.g., identity and access management, privileged access, endpoint security, vulnerability management, and security tooling operations).
• Champions security-by-design by embedding security requirements into architecture, engineering standards, configuration baselines, and operational processes.
• Provides security leadership and architectural governance for cloud network and infrastructure security capabilities, in partnership with Cloud and Platform teams.
• Leads hardening management by selecting applicable standards and reference guides, defining configuration baselines, prioritizing controls, and establishing maturity levels for secure infrastructure and network security profiles.

Firewall, SD-WAN, Segmentation and Secure Connectivity

• Drives modernization and standardization of enterprise firewall and SD-WAN services, including policy governance, rule base optimization, segmentation alignment, VPN/NAT standards, high availability, logging, monitoring, change validation, and operational readiness.
• Defines segmentation and secure connectivity patterns (e.g., site-to-site connectivity, remote access, cloud connectivity, and third-party connectivity) that reduce exposure, support resiliency, and enable business outcomes.
• Partners with architecture and engineering stakeholders to ensure consistent implementation of perimeter, internal segmentation, and edge security controls across enterprise and cloud environments.

Operations, Resiliency and Compliance

• Delivers high levels of operational security, resiliency, and reliability for network and infrastructure security services; defines operational programs and identifies opportunities for improving operational efficiency and reliability as demanded by Avangrid corporate applications.
• Manages operational security performance, including service reliability, incident response partnership, threat containment support, vulnerability remediation execution, and continuous improvement of controls and monitoring.
• Ensures resiliency and availability of security services through capacity planning, high-availability design principles, disciplined change management, and operational readiness practices.
• Leads regulated-utility security alignment activities, including audit support, risk assessments, policy adherence, evidence collection, and remediation planning in partnership with compliance and control owners.
• Reduces operational bottlenecks by improving intake, design review, implementation standards, escalation models, documentation, and automation opportunities to strengthen L3 engineering support.

Stakeholder, Vendor and Financial Management

• Partners with Cybersecurity, Corporate Security, Risk, Infrastructure, Cloud, and Network Engineering teams to align priorities, manage shared dependencies, and drive enterprise security outcomes.
• Manages vendor relationships and service delivery expectations, including operational KPIs/SLAs, contract performance, service reviews, and financial stewardship for assigned programs and platforms.

People Leadership and Workforce Development

• Provides leadership for managers, technical leads, and individual contributors: sets objectives, manages performance, develops skills and career paths, executes workforce planning, and builds an inclusive, high-performing culture.
• Builds team capability through mentoring, coaching, hiring, and succession planning to support an evolving security and network technology landscape.

Required Qualifications

• Bachelor's degree in computer science, cybersecurity, information systems, engineering, or a related field and a minimum of ten (10) years of relevant experience. An equivalent combination of education and experience may be considered.
• Relevant experience to include a minimum of five (5) years as a Technology Manager, including direct people leadership and accountability for service delivery, operating model maturity, and multi-team execution.
• Demonstrated leadership across enterprise network security and infrastructure security capabilities in a large-scale, complex environment, including enterprise firewall, SD-WAN, WAF, IDS/IPS, segmentation, secure connectivity (VPN/NAT), cloud network security, identity and access management (IAM), privileged access management (PAM), endpoint security, vulnerability management, network detection and response (NDR), and security tooling operations.
• Strong understanding of firewall policy lifecycle management, rule review and optimization, segmentation strategy, VPN/NAT governance, high availability, logging, monitoring, change validation, and audit evidence requirements.
• Experience leading enterprise security platforms and vendors such as Fortinet, Palo Alto, Check Point, Cisco, Akamai WAF, Zscaler, CyberArk, ExtraHop, or equivalent enterprise technologies.
• Ability to establish governance, engineering standards, and operating rhythms that improve security outcomes, service reliability, and delivery predictability.
• Experience defining and managing operational metrics, including KPIs and SLAs; leading service reviews; maintaining operational dashboards; and producing executive reporting, risk summaries, roadmap updates, and decision materials.
• Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines.
• Ability to communicate with and influence technical and non-technical customers, colleagues, and vendors.
• Ability to share knowledge and mentor and manage less experienced team members.
• Strong commitment to personnel safety and IT security.
• Travel within the US and to Europe may be required, as needed.

Preferred Qualifications

• Master's degree in IT, Cybersecurity, Engineering, Business Administration, or related field.
• Experience with Fortinet technologies such as FortiGate, FortiManager, FortiAnalyzer, and Secure SD-WAN, or equivalent firewall and SD-WAN platforms.
• Experience with enterprise firewall platforms such as Fortinet, Palo Alto, Check Point, Cisco, or equivalent enterprise technologies.
• Experience with WAF and edge security platforms such as Akamai WAF, or equivalent enterprise technologies.
• Experience with proxy or secure web gateway platforms such as Zscaler, or equivalent enterprise technologies.
• Experience with privileged access management or identity security platforms such as CyberArk, or equivalent enterprise technologies.
• Experience with network detection and response platforms such as ExtraHop, or equivalent enterprise technologies.
• Relevant certifications in network security, firewall, SD-WAN, cybersecurity, infrastructure security, identity security, or IT service management.

Competencies:

• Growth & Continuous Improvement

• Initiative & Change
• Focused on Results
• Customer Centric (internal and/or External)
• Communication
• Collaboration
• Leadership (people managers/leaders)

What We Offer:

• Competitive benefits and growth opportunities
• Generous performance-based bonuses
• 12% 401(k) match
• Comprehensive health, dental, and vision insurance
• Tuition reimbursement
• Professional development and clear career-advancement pathways

For more information, please visit: Benefits - Avangrid

#LI-Onsite; #LI-CH1

Company:
AVANGRID MANAGEMENT COMPANY, LLC.

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country.

At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law.
If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at

Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power.

Avangrid employees may also be assigned a NERC Reliability Standards compliance role supporting Critical Infrastructure Protection (CIP) and/or Operations and Planning (O&P) responsibilities. This is applicable to employees that will work in electric transmission, operations, and cyber security business areas in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate business areas. NERC Reliability Standards compliance roles and responsibilities may include additional access protections, training, audit engagement, and required evidence retention, and will be communicated by the employee's management.

Job Posting End Date:
June-11-2026