Sr. Manager, Cyber Security Operations (101138)
Diversity of backgrounds, ideas, thoughts, and experiences is vital to our culture and the way we do business. Creating an environment where differences are embraced and where every person feels engaged and included makes us safer, stronger, and more successful.
With a history dating back to 1886, American Water is the largest and most geographically diverse U.S. publicly traded water and wastewater utility company. The company employs more than 7,000 dedicated professionals who provide regulated and market-based drinking water, wastewater and other related services to 15 million people in 46 states. American Water provides safe, clean, affordable and reliable water services to our customers to help make sure we keep their lives flowing. For more information, visit amwater.com and follow American Water on Twitter, Facebook and LinkedIn.
PLEASE NOTE: In order for American Water to evaluate decisions about new regulations, reintegration, and safe operating practices, all employees are required to report their vaccination status.Primary Role
Manage and lead the Cyber Security operations team. Create and manage key metrics for cyber security operations and management reporting. Create and manage proactive technology roadmap for defensive cybersecurity technologies. Deploy and manage security infrastructure. Should be up to date with utility industry trends, current security issues, security best practices, and new security technologies. Recommend, monitor, test and report on the state of security controls and infrastructure. Develop, document and implement security policies based on industry best practices. Create, manage and maintain compliance activities related to information security policies, standards and proceduresKey Accountabilities
- Develop a documented, next-generation security architecture for protecting systems, applications, data and users
- Validate security design for new systems and support business in implementing and deploying them
- Develop and maintain effective and appropriate policies, procedures and supporting documentation to stand ready to demonstrate compliance
- Further develop integrated compliance strategies across American Water to optimize new data use and innovations for customer benefit
- Engage with data protection authorities and policymakers to maintain sustainable scalable, global approaches to complex data protection needs cyber security needs.
- Collaborate with the information and content functional areas, technology leadership, and division senior management to align strategic initiatives and technology implementations with data protection and privacy practices
- Manage and oversee a team (internal and outsourced resources) of security professionals and engineers to achieve optimal use of staff and resources towards planning, development, implementation and maintenance of all Technology and Content Security technologies related to the secure operation of American Water systems and services
- Communicate risk decisions, project status, recommended strategy updates to leadership
- Leverage artificial intelligence and machine learning strategies to automate and tune security controls
- Cultivate relationships with security related vendors to establish mutually accepted contracts and service-level agreements
- Maintain relationships with local, state and federal law enforcement and other related government agencies
- Work with internal and external audit teams to deliver timely responses and data collection requests
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
- Understanding of the evolving cyber threat landscape and how it now drives the disciplines of integrity, availability, and recoverability, including specific cyber response experience
- Knowledge in both Problem and Incident management, timeline and its related activities and milestones
- Familiarity and background of various operational risk management asset types including technology, data, people, product, business
- function, process, and facility operations
- Knowledge of Enterprise Security Incident and Event Management (SIEM) and SIEM integrations
- Knowledge of threat intelligence and integrating threat intelligence into SIEM
- Bachelor’s degree in Computer Science, Engineering or related discipline preferred
- 12 + years overall experience in digital and cyber security with at least 3 years in a leadership position
- 2+ years of experience writing and interpreting information security policies and standards
- Experience in managing to Service Level Objectives (SLO)
- Experience with enterprise cyber security technologies including but not limited to SIEM, IDS, Firewalls, MultiFactor Authentication (MFA), EDR, EndPoint protection.
- Experience with managing cloud security technologies.
- As necessary, up to 10%
- CISSP (Preferred)
Join American Water...We Keep Life Flowing™
American Water is firmly committed to Equal Employment Opportunity (EEO) and prohibits employment discrimination for employees and applicants based on his or her age, race, color, pregnancy, gender, gender identity, sexual orientation, national origin, religion, marital status, citizenship, or because he or she is an individual with a disability, protected veteran or other status protected by federal, state, and local laws.