Director, Security Operations - Critical Infrastructure
As the Director of Security Operations, you will lead a talented team of information security engineers and analysts who receive, triage, analyze, monitor and coordinate critical infrastructure protection (CIP) security issues throughout North America. Our ideal candidate will be familiar with the relationships between the Electricity Sub-sector in North America and federal agencies, including the Department of Homeland Security (DHS), the Department of Energy (DOE), the Department of Defense (DOD), the Federal Energy Regulatory Commission (FERC), and the Federal Bureau of Investigation (FBI). This critical role will be accountable for strategic direction and daily operations focused on evaluating security threats and vulnerabilities, and on developing and conducting security research and education.
The Director will successfully mentor and manage staff, develop and mature internal processes, and be key in driving operations, analysis, and intelligence functions. This critical position will have a great deal of organizational influence and will report directly to the Chief Security Officer.
Duties and Responsibilities
- Serve as the senior operational point of contact to agencies of federal, state, and local governments.
- Lead a team of all-hazards security analysts to facilitate reporting, outreach, incident reporting, and information sharing.
- Manage incident triage and coordination with analysis and detection sections to identify and analyze technology and cyber impacts to information technology (IT) and operational technology (OT) assets, network infrastructure, and control systems in the Electricity sector.
- Manage incident triage and coordination with analysis and detection sections to identify and analyze physical threats to utility assets and ensure proper incident management and coordination.
- Draft and prepare various reports, executive summaries, and technical papers; maintain awareness of workflow and Senior SOC Officer end-of-shift reports; monitor and moderate web portal discussions and postings.
- Coordinate continuity of operations for emergency relocation of SOC Operations to include uninterrupted telecommunications, computer systems, cyber and physical security, and networks.
- Analyze physical and cyber threats and vulnerabilities, and provide timely and actionable information; ensure accurate and timely reporting of all significant security incidents to SOC leadership.
- Share cyber and physical threat information with security partners across multiple sectors to achieve situational awareness; respond to cyber and physical threats to minimize incidents and support recovery efforts; build and maintain operational relationships with trusted international partners in response to transnational threats.
The successful candidate will have:
- A Bachelor’s Degree in a related technical field and a minimum of 5 years related technical experience. An additional 4 years of experience may be substituted in lieu of a degree.
- Active Top Secret Security Clearance with SCI eligibility. If not currently held, selected candidate must be able to obtain and maintain a favorably adjudicated background investigation for continued employment.
- Ten years or more of technical cyber and/or physical security experience, preferably in the Electricity sector, utility industry, or industrial control systems environment.
- Experience in leading a security operations center, incident response team, physical security team, or technical support group.
- Familiarity with past and current threat actors and associated tactics and tools.
- Ability to understand and learn technical specifications, system requirements and other application design information as needed.
Additional desired attributes include:
- Master’s degree in a related discipline.
- CISSP, CISM, GIAC, CPP, or other security-related certification.
- Experience in incident response, malware analysis, computer forensics, and network intrusion monitoring in IT and OT environments.
- Exposure to Cyber Threat Intelligence platforms and technologies.
- Position located in Washington, D.C.
- Relocation offered for the right candidate.
- Position requires an Active Top Secret Security Clearance with SCI eligibility. If not currently held, selected candidate must be able to obtain and maintain a favorably adjudicated background investigation for continued employment.
- Background check will be conducted prior to employment.
- In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
- Travel necessary: Passport required for North American travel.
- This position has been classified as exempt.
- Position is required to participate in a 24x7 on-call rotation.
Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses).