Operational Technology Cyber Security Manager

Overview

On Site
Full Time

Skills

Cross-functional Team
Continuous Integration and Development
Information Systems
Reporting
Licensing
ISO 9000
Internal Auditing
Legal
Corrective And Preventive Action
Product Costing
Training And Development
Team Building
Budget
Capital Expenditures
Auditing
Training
Product Innovation
Demand Planning
Software Development
Vulnerability Management
Instrumentation
Incident Management
Management
Quality Audit
Human Resources
Supply Chain Management
Global Operations
Electrical Engineering
IT Management
Computer Science
Security Clearance
CISSP
GPEN
OSCP
Security Controls
NIST 800-53
NIST SP 800 Series
ISO/IEC 27001:2005
Cyber Security
Team Leadership
Risk Analysis
Risk Management
Information Security
SIEM
Firewall
Intrusion Detection
Vulnerability Assessment
Encryption
Access Control
Malware Analysis
System Security
Information Technology
Computer Hardware
Computer Networking
Operating Systems
SAFE
Energy
Customer Focus
Innovation
Collaboration
Teamwork
Accountability
Social Media
Twitter
Facebook
LinkedIn
YouTube
Recruiting
Law
Regulatory Compliance

Job Details

Are you interested in being part of an innovative team that supports Westinghouse's mission to provide clean energy solutions? At Westinghouse, we recognize that our employees are our most valuable asset and we seek to identify, attract and recruit the most qualified talent while recognizing and encouraging the value of diversity in the global workplace.

About the role:

As an Operational Technology (OT) Cyber Security Manager you will lead a cross functional team to evolve, innovate and standardize cyber security programs and security product line across the Global Instrumentation & Control organization. The position will require direct management and continuous development of knowledge workers to achieve an improved security posture and reduce risk in Westinghouse's global deployment of Operational Technology projects across the Nuclear Power Industry. You will report to the Director of Control and Information Systems Engineering. You will be hybrid reporting out of Warrendale, Pennsylvania.

Key Responsibilities:
Lead the global resource team to create, maintain and execute cyber security programs & plans which address customer regulatory licensing commitments (10 CFR 73.54, Reg Guide 5.71, ISO/IEC 27001, etc), and continuously improve the security posture of Westinghouse Operational Technology deliverables which are deployed to the Nuclear Industry. Help develop and maintain OT policies & standards based on knowledge of best practices and compliance requirements collaborating with Cybersecurity Operations, IT business partners, Internal Audit, Legal, Corporate Security, External Auditors, and other stakeholders. Manage the annual review of policies and standards.
Responsible for the effective operations of the team, and ensures standards of quality (including effective management of the corrective action & operating experience program), product cost standardization (including utilization of resources to meet assigned targets), safety (both ensuring a NSCWE as well as personnel and Industrial safety), reliability, and performance are met in production processes.
Responsible for all aspect of personnel development and management, in close cooperation with the technical leader(s) in the team. Supported by experienced professionals who exercise latitude and independence in assignments. Maintain OT Team Development Plan to ensure working knowledge of applicable cyber security frameworks, laws, standards & technology used across the global Nuclear Industry.
Establish and manage the yearly plans and budgets for capital expenses, internal audits, operations support, resource training and product innovation for the GIC cyber security team. Includes resource demand planning to execute project and internal demands.
Manage Operational Technology threat management, secure software development, vulnerability management, and incident response capabilities across Westinghouse Global Instrumentation & Control System products.
Collaborate with Westinghouse Management for Operational Technology Cyber Security Incident Response, and manage interface with customers, and regulatory agencies (e.g., Nuclear Regulatory Commission)) as appropriate, for oversight of the OT Cyber Security Programs).
Establish & Manage Cyber Security Periodic Quality Audit program to identify and implement corrective actions in the Westinghouse OT cyber security program, collaborate with the relevant IT teams to ensure the Ongoing Monitoring and Assessment activities listed in the Cyber Security Plan are completed within the required periodicity.
Foster relationships with and use the value of center-led support organizations including Human Resources, Supply Chain Management and Global Operations Services.

Qualifications:
Bachelor's degree in engineering (Electrical or Computer), Information Technology Management, Computer Science or Cyber Security.
Minimum of 5+ Years of managerial experience in Operational Technology / Information Technology with 5+ Years experience leading a large-scale cyber security program.
Be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
Experience interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
Excellent team leadership, technical teamwork, and collaborative skills
Security and risk-related concepts to technical and nontechnical audiences.
Risk analysis, risk management and experience reducing risk to our organization.
Experience with important information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis
Broad Knowledge of operational technologies (Distributed Control Systems, Safety Systems, Security Systems), systems and networks and typical gaps that could affect the ability of an organization to detect and respond to cyber-attacks.
Foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems.

Why Westinghouse?

Westinghouse offers competitive benefits to all our employees around the globe to keep them healthy and enhance their well-being. In the U.S. the following are representative of what we offer:
  • Competitive Salary
  • Comprehensive Health, Wellness and Income Protection Benefits
  • Employee Assistance Program: confidential counseling and resources for employees, eligible dependents, and household members
  • 401(k) Savings Plan with Company Match
  • Paid Vacations and Holidays
  • Opportunities for Flexible Work Arrangements
  • Educational Reimbursement Program
  • Employee Referral Program

Westinghouse Electric Company is the global nuclear energy industry's first choice for safe, clean, and efficient energy solutions. We enable our delivery of this vision by living our value system:
  • Safety and Quality
  • Integrity and Trust
  • Customer Focus and Innovation
  • Speed and Passion to Win
  • Teamwork and Accountability

While our Global Headquarters are located in Cranberry Township, PA, we have over 11,000 employees working at locations in 19 different countries. You can learn more by visiting

Westinghouse is an Equal Opportunity Employer including Veterans and Individuals with Disabilities

Get connected with Westinghouse on social media:
Twitter | Facebook | LinkedIn| YouTube


Employment opportunities may require access to information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.