APPLY NOW »

Cyber Security, Director

Date:  Sep 18, 2023
Location: 

Houston, TX, US, 77002

Company:  NRG

As an NRG employee, we encourage you to think creatively and proactively about your career choices.  Our work environment is dynamic and the career opportunities across our businesses offer variety and challenge.  Providing career growth to our own employees is critical to our ongoing success--take charge of your career goals and empower your future!


 

Job Summary:

 

Leads operations technology (OT) cybersecurity and Critical Infrastructure Protection (CIP) programs for NRG.  Responsible for the cybersecurity services and CIP compliance for generating plants and/or control centers.  Services include but are limited to firewalls, SIEM, antimalware software, patching software, vulnerability assessment tools, remote access, and multifactor authentication.  The position is also responsible for monitoring cybersecurity risks to control systems and coordinating and communicating mitigation efforts.  The position also represents NRG in industry groups such as Infragard and NERC E-ISAC.

 

Essential Duties/Responsibilities:

 

  • Ensure compliance to all NERC-CIP Standards at NRG’s facilities.
  • Serves as primary delegate for the CIP Senior Manager for all delegated responsibilities.
  • Create and maintain CIP compliance strategy and program
  • Create, execute and maintain the OT cybersecurity strategy for NRG’s generation fleet.
  • Communicate the OT and CIP strategic vision to all NRG departments, resolve conflicts and achieve buy-in.
  • Develop and manage security talent, engaging/managing third parties as needed to ensure the required capabilities are available either internally or externally.
  • Work as a liaison with vendors, legal and contract administration staff to establish mutually acceptable contracts and service level agreements.
  • Prepare and manage the Information Security division’s annual budget to reflect information security strategic and operating initiatives.
  • Serve as primary point of contact for acquisition and separation of generation plants for cybersecurity and CIP compliance.
  • Work with team members on projects and new, innovative ideas.
  • Working with various teams, prepare evidence needed for NERC Audits.
  • Maintain great working relationships with site personnel and other teams.
  • Some travel required- approximately 10-20%.
  • Other duties as required.

 

Working Conditions:

  • Work in an open office or power plant environment
  • Work extra and non-standard working hours as needed
  • Travel as needed approximately 10% of time

 

Minimum Requirements:

 

  • High school diploma and 10 years of experience in cyber security & protection and computer infomation science or Bachelor's degree and 5 years of in cyber security & protection and computer infomation science.
  • 5 years of NERC CIP standards and requirements experience.
  • Experience in implementing and/or maintaining a NERC compliance program.
  • Experience in preparing and presenting evidence during audits and to the executive leadership team
  • Knowledge of physical security, network infrastructure, and security related tools such as whitelisting, IDS/IPS, anti-malware, patch management, baselining, SIEM, access control, and firewalls.
  • Knowledge of industrial control systems and other utility Operational Technology or Information Technology systems
  • Ability to see tasks through to completion without significant guidance
  • Strong verbal and writing skills for communicating with all levels of the organization, technical and non-technical
  • Experience with CIP specific audit skills, controls, cyber and physical security, and related industry regulatory issues.
  • Highly motivated, self-starter willing to take on new challenges
  • Good project management skills

 

Preferred Qualifications:

 

  • Bachelor’s degree in information technology, engineering or related area.
  • Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.
  • Demonstrated ability to lead an OT cybersecurity group.
  • Demonstrated ability to lead a CIP compliance program
  • Demonstrated ability to set priorities and to respond to changing demands.
  • Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards; demonstrated ability to maintain confidentiality.

 

 

Additional Knowledge, Skills and Abilities:

 

  • Socialize innovative ideas with the team and others.
  • Performs complex work assignments under minimal supervision.
  • Works to resolves complex issue and seeks guidance from team members on escalated issues. 
  • Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.
  • Demonstrated ability to work independently and as a team member.
  • Demonstrated ability to set priorities and to respond to changing demands.
  • Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards; demonstrated ability to maintain confidentiality.

 

Physical Requirements (Demand and Frequency):

  • Requires occasional lifting as appropriate to complete duties

 

Please Note:  Salary offered will be commensurate with the successful candidate’s education and/or experience and consistent with the job location’s market pay rate.

 

NRG Energy is committed to a drug and alcohol free workplace.  To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Vet/Disability  Level, Title and/or Salary may be adjusted based on the applicant's experience or skills.  

Official description on file with Talent.


Nearest Major Market: Houston

APPLY NOW »