Invenergy drives innovation in energy. Powered by decades of entrepreneurial experience and unparalleled execution, we solve the energy challenges facing our customers and communities. We provide power generation and storage solutions at scale around the world to create a cleaner energy future. We develop. We build. We own. We operate. We are Invenergy.
This position will be open for application for at least 3 calendar days from the posting date. This position will remain open for application based on business need, which may be before or after the 3-day posting window.
Job Description
Position Overview:
The Director of Information Security Programs will focus on managing risk for the cybersecurity program at Invenergy, bringing project and program management expertise to the management of cyber security programs, policies and compliance. Strengthen information security as a strategic partner to other business areas. Significantly contribute to cyber security risk management processes, compliance, metrics, reports, and other security awareness and communication tools.
Responsibilities:
- Manage and develop security program according to security framework.
- Lead team responsible for the creation of cybersecurity policies and procedures in support of all applicable regulations and security frameworks.
- Establish and maintain metrics for the security and compliance program.
- Prepare and present detailed, written technical information for internal and external audiences.
- Lead the cybersecurity training and awareness program covering employees, contractors and vendors.
- Manage the cybersecurity third party risk management program.
- Negotiate and coordinate with cross-functional organizations.
- Create and publish reports for compliance and security program metrics for both internal and external stakeholders.
- Creates and maintains required project portfolio documentation and artifacts.
- Ensure and balance the availability of required skills and competencies across project teams within the program.
- Act as an advisor, and build and maintain relationships across the wider stakeholder community.
- Monitor and coordinate dependencies across projects in the program and resolve conflicts.
- Assist with creating or modifying policies as needed based on effectiveness and internal risk posture.
Minimum Qualifications:
- Bachelor’s or Master's degree in relevant field.
- Fundamental understanding of Risk Management frameworks including the NIST 800-37, NIST CSF, and ISO 27001 set of publications.
- Understanding or experience in building and maintaining compliance programs for NERC CIP, GDPR, PII, NIS.
- Experience leading cross-org discussions and working with a matrixed team of stakeholders to achieve common goals.
- Strong critical thinking skills with ability to challenge normal operations.
- Proven track record of taking ownership and driving results.
- Excellent verbal and written communications skills.
Preferred Qualifications:
- Certifications: CISSP, CISA, and / or CISM.
Salary Range: $180,500 - $213,675
Eligible for medical, dental, vision, 401(k), bonus, paid time off, etc.
Invenergy LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or disability.
#J-18808-Ljbffr