Job Description Summary

Job Description

Roles and Responsibilities:

Compliance & Regulatory Leadership:

• Program Execution: Lead the development, implementation, and monitoring of cybersecurity policies and procedures aligned with industry standards such as IEC 62443, NERC CIP, ISO 27001, and NIST.
• Certification Ownership: Develop and execute comprehensive product and system certification plans, serving as the primary technical lead for IEC 62443 certification processes.
• Gap Assessment: Perform high-level product and system gap assessments, identifying misalignments between current state and regulatory requirements.
• Audit Management: Coordinate with external auditors and regulatory bodies, ensuring all documentation related to compliance and audit activities is accurate and up-to-date.

Vulnerability Management & Technical Analysis:

• System Ownership: Take ownership of the vulnerability management program, conducting moderate-to-complex system-level analysis to identify and remediate security weaknesses.
• Advanced Problem Solving: Solve complex technical problems with limited guidance, leveraging cross-product linkages and expertise to develop peer-reviewed remediation solutions.
• Risk Mitigation: Conduct deep-dive risk assessments to identify potential threats. Develop and implement proactive strategies to mitigate risks and improve the overall security posture of the product portfolio.

Execution & Continuous Improvement:

• Project Planning: Develop and execute program plans, including defining work tasks, project scope, and schedules.
• Design Reviews: Lead and support technical design reviews, ensuring cybersecurity "secure by design" principles are integrated from inception.
• Process Innovation: Identify potential improvements in tools and technologies. Proactively solicit feedback from horizontal teams to implement faster, simpler, and more impactful cybersecurity processes.

Leadership & Soft Skills:

• Technical Mentoring: Actively participate in the technical mentoring program, supporting the growth of junior engineers and sharing domain expertise.
• Customer Centricity: Anticipate internal and external client needs, resolving complex security or compliance issues quickly and effectively.
• Collaboration: Foster a positive team spirit by sharing ideas and information, and acknowledging the success of others.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Minimum of 5 years’ experience in cybersecurity compliance, vulnerability management, or a related technical field.
• Minimum of 3 years’ experience with OT-specific frameworks (e.g., IEC 62443, NERC CIP).

Desired Qualifications:

• Battery Energy Storage design or operations experience.
• Proficiency in vulnerability scanning tools (e.g., Nessus, Qualys) and risk assessment methodologies.
• Strong organizational skills with the ability to manage departmental operations and execution independently.
• CISSP, CISM, or equivalent professional cybersecurity certification.

Additional Information