Overview
On Site
Full Time
Skills
ICS
Field Service
Operations Management
Security Operations
Network Security
Management
Reporting
Documentation
Standard Operating Procedure
Technology Assessment
Information Security
Decision-making
Information Systems
Risk Assessment
Incident Management
Supervision
CISM
Security+
Information Technology
Security Clearance
CISSP
GPEN
OSCP
Security Controls
NIST 800-53
NIST SP 800 Series
ISO/IEC 27001:2005
Cyber Security
Team Leadership
Teamwork
Communication
Risk Analysis
Risk Management
Cloud Computing
Collaboration
Vendor Management
VMware
VMware ESXi
Vulnerability Management
Microsoft Windows
Linux
Operating Systems
Auditing
Recruiting
Law
Regulatory Compliance
Job Details
Your Role and Responsibilities:
Required Technical and Professional Expertise:
Preferred Technical and Professional Expertise:
Employment opportunities may require access to information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.
- Secure Operations Management: Enforce company policies and practices to ensure that all products and systems are compliant with cybersecurity standards. This is a hands-on role that actively participates in security operations.
- Security Risk Assessment: Provide input for security risk assessments and compliance audits, identifying potential information and network security vulnerabilities.
- Operational Incident Handling: Manage the detection, response, mitigation, and reporting of incidents within the environment. This role is responsible for hands-on incident resolution and actively participating in the incident response process.
- Vulnerability Management: Participate in the IT vulnerability management program by classifying vulnerabilities, providing remediation guidance, and working with the team to prioritize and address vulnerabilities.
- Compliance and Policy Enforcement: Ensure compliance with relevant cybersecurity compliance regulations. Execute company policies to maintain compliance.
- Documentation: Document standard operating procedures and guidelines. Develop, maintain, and publish standards to mitigate risk and influence user behaviors. Assist in reviewing and documenting exceptions to security standards.
- Security Technology Evaluation: Investigate and recommend security technologies and solutions to support secure development functions.
- Technical Guidance: Provide technical guidance and consultation related to information security issues. This is a hands-on role that actively contributes to the resolution of security challenges.
- Process Performance: Actively participate in security processes and procedures, ensuring their effectiveness and efficiency.
- Weekly Meetings: Be an active member of secure development meetings, providing updates, insights, and participating in the decision-making process.
- Travel up to 85%, typically when deploying systems to the field for installation and commissioning
- Maintain in-depth knowledge of Westinghouse deployed solutions for cyber security and distributed control and information systems.
- Professional interaction with WEC Customers.
Required Technical and Professional Expertise:
- Bachelor's degree in a relevant field or associate's degree and equivalent experience, coupled with high proficiency operating in Enterprise OT Security.
- Proven experience in cybersecurity operations, risk assessment, and incident management, along with demonstrated supervisory experience.
- Strong knowledge of cybersecurity best practices, compliance regulations, and industry standards.
- Hands-on experience with security tools and technologies.
- Excellent communication and teamwork skills.
- Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
- Minimum 5+ Years of installation and troubleshooting experience in Operational Technology / Information Technology with 5* Years experience leading a large-scale cyber security program. typically, 10+
- Ability to be granted 10 CFR 73.56 Trustworthy and Reliability Clearance for US Nuclear Plant Entry
- Professional certifications, such as CISSP, GIAC (GSTRT, GLEG, GSLC, GPEN), OSCP, or other applicable technical certifications showing area of expertise from qualified and reputable vendors and certification agencies.
- Experience with interpreting Security Control & Program Frameworks such as NIST 800-53, NIST 800-82r2, 20 Critical controls, ISO 27001 & 27002, NEI-08-09, NEI 13-10 into Cybersecurity Program, Policy & Procedures.
- Excellent team leadership, technical teamwork, written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Strong risk analysis, risk management and proven experience in reducing risk to the organization.
Preferred Technical and Professional Expertise:
- Familiarity with modern enterprise security practices both on-premises and Cloud.
- Demonstrated internal team collaboration and external vendor management.
- Demonstrated experience with VMWare and ESXi.
- Familiarity with Rapid7 Vulnerability Management tools.
- Familiarity with current and legacy Windows and Linux operating systems.
- Demonstrated experience with Security Audit Assessments
Employment opportunities may require access to information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.