Iberdrola
Cyber Application Platform Architect
Iberdrola, Boston, MA
TITLE: Cyber Application Platform ArchitectLOCATION: Boston MAOfficeSALARY RANGE: The base salary range for this position is dependent upon experience and location, ranging from $135k to $165k.Relocation: EligibleBonus: EligibleJob SummaryJoin a critical team within Offshore O&M Operations Engineering and lead the development and implementation of cybersecurity systems and processes on our offshore assets. The Cyber Application Platform Architect will manage all aspects of Avangrid Renewable Cybersecurity Program for Offshore Operation as well as assigned areas of North American Electric Reliability Corporation (NERC) Reliability Standards related to Critical Infrastructure Protection (CIP) to ensure compliance with applicable standards and requirements.This role is a unique opportunity work alongside Avangrid’s extensive technical experts to deep dive into engineering topics and work with Iberdrola’s team in global cybersecurity initiatives.The Cyber Application Platform Architect will be responsible for the management of the asset cybersecurity and technical integrity for a group of equipment within the different systems in the Avangrid Offshore renewable assets and support Control Centers activities. The focus of the role will be to maintain protection and compliance, and support with the O&M requirements for future projects.The Cyber Application Platform Architect is responsible for providing good quality and consistent service across offshore projects for the Operations and Maintenance Group. Responsible for the definition and delivery of a scope of works for O&M including the management of contractors and associated interfaces, and ensuring quality, best practices and excellent H&S performance are applied. Key Responsibilities Lead Cybersecurity Lead the development and implementation of the Avangrid Renewables Offshore cyber security program. Understanding and delivering the requirements of local regulatory and global cyber security initiatives, risk management, third-party party assurance, insurance, disaster recovery and vulnerability management.Coordinate cybersecurity program objectives with the Iberdrola Global Cyber Security team.Collaborate with the Businesses, IT, OT, and other Corporate Service Areas to define, govern, and support the cybersecurity measures implemented at Avangrid Renewables Offshore.Represent the Avangrid Renewables Offshore cybersecurity initiative to the businesses and local cybersecurity teams in USA, UK, Spain, Mexico, and BrazilSupport Avangrid Renewables Offshore in the Cyber Threat and Incident Response Program.Make strategic decisions to mitigate cyber related threats and vulnerabilities to the Renewables Offshore operation, IT and OT networks.Ensure governance of the Business, IT and OT teams such that all actions and work plans related to cyber assets conform to the Renewables cyber security requirements.Assess, track, monitor and verify Avangrid Renewables Offshore cybersecurity compliance against global business policies and standards.Providing offshore O&M cybersecurity requirements into future project designs and third-party maintenance and supply contracts, this role will ensure that assets are delivered to a business and regulatory standard and prepared for the O&M phaseDevelop, implement and support offshore standards, procedures, tools, best practices, and quality requirements.Ensure that all assessment, advice, and recommendations are fully documented in accordance with all internal procedures and industry best practice, and that sufficient technical and commercial due diligence (whether internal or external) exists to support those business decisions.Ensure appropriate lessons learned regarding offshore wind farm operation and Maintenance are captured and shared across the different Offshore Projects, national and international.NERC CIP Compliance Technical LeadDirect actions of cyber security subject matter experts (SME’s) in performance of duties impacting CIP compliance processesPromote the reliability of the Bulk Power System through rigorous compliance with applicable NERC CIP standards.Ensure effective regulatory compliance to the North American Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards by providing guidance to support and enhance operational business unit’s risk management, Cyber, Information, Physical and Personnel Security programsMonitor and enforce activities and functions for internal and external audit preparationMaintain and revise, as needed, Avangrid’s CIP compliance program to include the administration and maintenance of compliance policies, programs, and procedures related to the NERC CIP StandardsPrepare for coordinate and support compliance audits conducted by internal resources, consultants, or regulatory organizations.Work with responsible Avangrid Business Units to coordinate resolving compliance issues and develop improvement recommendations and mitigation plans.Keep responsible Avangrid Business Units informed regarding NERC Standards Development and activities associated with NERC’s Critical Infrastructure Protection Standards.Coordinate with appropriate subject matter experts (SME) and effectively communicating Avangrid’s position on proposed regulatory standards to NERC.Ensure timely adherence from responsible Avangrid business units to all new/revised NERC regulatory obligations associated with Critical Infrastructure Protection Standards.Maintain awareness of emerging utility industry issues through benchmarking and participation in appropriate utility forums/groups.#LI-DG1Required Qualifications A degree or equivalent in physics, mathematics, telecom, computer science, information systems or an engineering discipline.3+ years’ experience in the electric utility industry5+ years’ experience in national / cyber security capacityKnowledge of OT security event monitoring systems: IDS/IPS, SIEM technologiesExperience and understanding of technical due diligence.Demonstrated prior experience in managing or coordinating long term projects.Demonstrated experience creating procedures and program documentation.Ability to engage with other critical security related entities and industry specialists.Ability to effectively represent the cyber business unit to all levels of the organization.Coordinate project members and key expertise from various departments to deliver project objectives and minimize costs/ risks.Developed report writing, presentation skills and ability to summarize a parameters and drivers impacting the scope of works.Effective communication and interpersonal skills.Ability to work, manage decision-making processes under pressure and to deadlines.Flexible to travel to Onshore and Offshore locations.Eligible to work in the USAbility to complete GWO basic safety and sea survival training.Ability to complete HUET (Helicopter Underwater Escape Training)Ability to access Offshore substation and wind turbine assetsPreferred QualificationsExperience of offshore sectorMaster’s Degree applicable national / cyber security related area preferred.Knowledge of international standards such as ISO27000, C2M2, NIST, among others.Knowledge of H&S and environmental legislation associated with marine/offshore operations projects.Foreign languages (Spanish)Knowledge and experience of engineering contractsCompetencies (this is standard for all jobs)Growth & Continuous ImprovementInitiative & ChangeFocused on ResultsCustomer Centric (internal and/or External)CommunicationCollaborationLeadership (people managers/leaders)Disclaimer (this is standard for all jobs)AVANGRID is committed to a diverse and inclusive workplace. AVANGRID is an equal opportunity employer and does not discriminate on the basis of an individual’s sex, gender, gender identification, gender expression, race, color, religion, national origin, age, ancestry, genetic information, medical condition, physical or mental disability, marital status, sexual orientation, military or veteran status, or other characteristics or conditions protected by law.Click here for Additional Disclaimer InformationAvangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions. This does not include those that will workfor Avangrid Renewables.#OFFICEMobility InformationPlease note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that countryAVANGRID’s employment practices and policies are geared to hiring a diverse workforce and sustaining an inclusive culture. At AVANGRID we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law.If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at careers@avangrid.comAvangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions. This does not include those that will work for Avangrid RenewablesJob Posting End Date:December-27-2024SummaryLocation: United States Of America, Massachusetts, BostonType: