
Mgr Information Technology (M3)

Date:  Jun 4, 2021
Job ID:  1616
Location: Snoqualmie, WA, US, 98065

Puget Sound Energy is looking to grow our community with top talented individuals like you!  With our rapidly growing, award winning energy efficiency programs, our pathway to an exciting and innovative future is now.

 

PSE's IT Security & Risk team is looking for qualified candidates to fill an open Mgr Information Technology (M3) position!

Job Description

  • Manages teams through subordinate managers or higher level individual contributors in IT Security and Risk. Motivates and assists first-line managers or higher level individual contributors to achieve business objectives.
  • Responsible for the end-to-end design, development and maintenance of systems and services enterprise wide or in a designated business unit. 
  • Implements organization strategies and operational objectives through the effective direction and management of resources.
  • Facilitates creation of team environment through communication, setting objectives and coordinating individual and team assignments.
  • Upholds the safety compliance standards inherent in PSE’s operating and/or field procedures related to work responsibilities. Promotes and supports a culture of total safety.

Job Responsibilities

  • Participates in the development and implementation of a strategic information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled, processed or stored by the organization.
  • Leads or participates in audits related to information security, SOX and NERC/CIP programs.
  • Develops, maintains and publishes up-to-date security policies, standards and guidelines, and oversees training and dissemination of security policies and practices.
  • Creates and manages information, security and risk management awareness training programs for all employees, contractors and approved system users.
  • Creates, communicates and implements a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers.
  • Develops and manages information security budgets, and monitors them for variances.
  • Works directly with the business units to facilitate IT risk assessment and risk management processes, and works with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
  • Provides periodic reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
  • Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
  • Develops and enhances an information security management framework based on NIST CSF.
  • Provides strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  • Liaises with various teams/departments across the organization to ensure alignment between the security and enterprise architectures, strategic plans and compliance/audit related activities.
  • Ensures that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  • Defines and facilitates the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
  • Manages security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
  • Coordinates the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
  • Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the security.
  • Understands and interacts with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management.
  • Contributes to mid-term (1-3 years) IT operational plans and strategies within IT Security and Risk.

Minimum Qualifications

  • Bachelor’s degree in Computer Science or related discipline, or equivalent work experience
  • 7 years of experience specifically in IT Security and Risk.
  • 10 years of experience in managing or leading teams (some could include consulting).
  • Extensive knowledge, experience and training in information security, utility regulations and compliance requirements (NERC/CIP), IT risk management, information security related processes and procedures, managing information security functions, and knowledge of the latest issues and threats in this arena.
  • In-depth knowledge of technology requirements to effectively manage enterprise-wide security needs.
  • Ability to translate technical risk issues into meaningful actions for consumption and implementation by business leaders.
  • Demonstrated ability to build and manage stakeholder relationships, including senior management and external auditing and regulatory entities.
  • Proven ability to lead cross-functional teams.
  • Knowledge of security-related regulatory matters.
  • Understanding of relationships between threats, vulnerabilities, asset values and their effect on overall business risk.
  • Demonstrated management and decision-making skills concerning information systems policies, processes and procedures, with a proven track record of completing tasks and/or projects within budget and on schedule.
  • Excellent communication and presentation skills, especially with non-technical individuals. Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.
  • Exceptional analytical, problem-solving and conceptual skills that can be applied to multiple domains and enterprise-wide.
  • Exceptional negotiating and critical thinking skills.

Desired Qualifications

  • Certification in the following, or similar (see desired section):
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Systems Security Professional (CISSP)

Additional Information

Families and businesses depend on PSE to provide the energy they need to pursue their dreams. Our steadfast commitment to serving Washington communities with safe, dependable and efficient energy started in 1873. Today we're building the Northwest's energy future through efforts like our award winning energy efficiency programs and our leadership in renewable energy.

 

At PSE we value and respect our employees and provide them opportunities to excel. We offer an expansive pay package that includes competitive compensation, annual goals-based incentive bonuses, comprehensive benefits, 401(K), a company paid retirement pension plan, and an employee assistance and wellness program.

 

Puget Sound Energy is committed to providing equal employment opportunity to all qualified applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, sexual orientation, gender identity, marital status, veteran status or presence of a disability that with or without reasonable accommodation does not prevent performance of the essential functions of the job, or any other category prohibited by local, state or federal law.

 

Should you have a disability that requires assistance and/or reasonable accommodation with the job application process, please contact the Human Resources Staffing department at jobs@pse.com or 425-462-3017.


Nearest Major Market: Seattle
Nearest Secondary Market: Bellevue