Under general supervision, implements and manages technologies, processes and procedures that meet IPL internal cyber security and NERC Critical Infrastructure Protection (CIP) regulatory obligations. Identify cyber security needs and vulnerabilities, and work with the appropriate groups to implement measures to fulfill those needs and mitigate vulnerabilities. Closely coordinates with the Cyber/Physical Security Supervisor to establish and maintain an effective internal control monitoring program that ensures IPL’s information and cyber assets are protected in accordance with NERC CIP Requirements and industry cyber security best practices.
This position is part of a core team whose combined responsibilities encompass procedure development, training, and documentation management as they relate to IPL internal and NERC CIP Standard cyber security programs. Must interpret regulatory standards, evaluate cyber risks, develop and implement programs, policies, procedures and guidelines to minimize, manage and mitigate those risks, train subject matter experts in necessary compliance tasks, and prepare documentation for audits, management reports and presentations.
Minimum Qualifications: Bachelor’s degree or equivalent in cybersecurity, computer science/information systems, or equivalent combination of education and related IT experience resulting in demonstrated ability to perform the major duties. Seven to ten years of progressively responsible related experience in IT cyber security with energy or utility industry experience a plus. Previous experience in cyber security compliance or IT auditing. Experience in project management, root cause problem analysis and problem solving; Experience in NERC, FISMA, NIST or other cyber security compliance requirements; Strong understanding of network architecture, firewalls, Intrusion Detection Systems, audit and log management, physical security control systems and common operating systems. One or more of the following certifications preferred: CISSP, GSEC, CEH, CISA, GISF or other security related certification. Proficient with Microsoft Office applications. Valid driver’s license required. Must complete required NIMS level training within first six months of hire.
Knowledge, Skills & Abilities: Audit experience with NERC CIP standards, RSAW’s and audit procedures, or other (FISMA, NIST) audit experience. Knowledge of process flows, technical writing and procedure development/documentation and in developing, implementing and maintaining an internal compliance program. Knowledge in creating cybersecurity training and awareness material and of disaster recover/contingency planning. Experience in physical security planning. Able to organize work, set priorities, meet critical deadlines, and follow up assignments with minimum direction. Able to apply logical thinking to solve problems or accomplish tasks; understand, interpret and communicate complicated policies, procedures and protocols. Knowledge of preparing clear and concise reports, correspondence and other materials such as training manuals. Skill in using tact, discretion, initiative and independent judgment within established guidelines; Researching, compiling, and summarizing a variety of informational and statistical data and materials. Organizational skills in setting priorities, meeting critical deadlines, and following up assignments with a minimum of direction. Excellent presentation written and verbal communication skills and proven customer interface skills with ability to communicate at both technical and non-technical levels. Able to perform studies, create procedures and provide training, and lead in critical situations; Able to perform a wide variety of tasks and change focus quickly and manage transitions effectively and adapt to customer needs; Able to understand and carry out oral and written instructions with attention to detail;
Physical Demands: Use hands to finger, handle, or feel; reach with hands and arms; normal hearing, visual acuity and eye-hand coordination; stoop, crouch, or kneel; and lift and/or move up to 25 pounds.
Typical Working Conditions: Office environment, typically moderately quiet. After work hours during nights, weekends, and holidays may be required during system outages or major upgrades. Occasional travel also required.
Drug Testing; Security Background Check
In addition to the application, testing and/or examinations may be required for further consideration on this position.
Apply on-line www.indepmo.org/hr or apply in the Human Resources Department, 2nd floor, City Hall, 111 E. Maple Independence, MO 64050. Position Open Until Filled.
EQUAL OPPORTUNITY EMPLOYER – BILINGUAL SKILLS PREFERRED