 |
Job D6011 Description Click to apply: Please attach resume to mail |
| SOFT's client located Remotely is looking for a Senior Program Manager – IT Security for a long term contract assignment. Project Overview Client needs a Senior Program Manager – IT Security that will serve as the Subject Matter Expert (SME) on all matters related to IT security for client. This leadership role will oversee the planning, execution, and delivery of cybersecurity programs and initiatives, ensuring alignment with NIST Cybersecurity Framework (CSF), NERC CIP, and utility-specific security best practices. The Senior Program Manager will also provide long-term oversight and strategic direction for the Systems Separation Program, focusing primarily on Bundle 3 and Bundle 4 deliverables. This role requires exceptional leadership, deep technical expertise, and proven program management skills in complex utility environments. C. Basic Scope of Subcontractor Work · Act as primary IT Security SME for client, advising on NIST CSF compliance, security strategy, and operational risk mitigation. · Oversee planning, execution, and delivery of cybersecurity programs, including resource allocation, budgeting, and scheduling. · Provide oversight and governance for System Separation Program (Bundles 3 and 4), ensuring milestones are met and risks are managed. · Develop, implement, and maintain an enterprise security architecture that integrates internal and third-party systems. · Ensure enterprise security tools, processes, and services provide consistent and robust protection. · Lead incident response efforts to minimize impact from security breaches or cyberattacks. · Monitor and evaluate implementation/migration of large-scale enterprise security tools and systems. · Develop and maintain performance metrics, monitoring, and evaluation frameworks consistent with client standards. D. EDUCATION AND/OR EXPERIENCE · Strong understanding of cybersecurity principles, technologies, and best practices. · Demonstrated experience in overseeing the planning, execution, and delivery of cybersecurity programs, including resource allocation, budgeting, and scheduling. · Familiarity and strong understanding of client’s performance management practices, metrics development, monitoring, and evaluation. · Ability to monitor and evaluate the implementation/migration of large-scale enterprises security tools and other enterprise systems in a utility environment. · Experience in developing an enterprise security architecture and ensuring that internal and third-party tools, processes. and services provide a consistent and robust security protection to the organization. · Demonstrated understanding of security controls, policies, and procedures to ensure compliance with relevant regulations and standards, especially in an electric utility setting. · Experience with leading and coordinating incident response efforts to minimize the impact of security breaches and cyberattacks. · Detailed knowledge and understanding of utility cybersecurity standards and best practices (NIST CSF, NERC CIP). · At least 15 years experience in developing, managing, and implementing cybersecurity plans and initiatives. · Bachelor’s in computer science or related Engineering discipline. Postgraduate (e.g. Masters) degree preferable. · Current CISSP, PMP required. Additional cyber-security, program/project management, or strategic planning certifications will be helpful. |
|