Cyber Application Platform Architect
Iberdrola SA, Boston, MA, United States
Cyber Application Platform Architect
LOCATION: Boston MA
SALARY RANGE: The base salary range for this position is dependent upon experience and location, ranging from $135k to $165k.
Relocation: Eligible
Bonus: Eligible
Job Summary
Join a critical team within Offshore O&M Operations Engineering and lead the development and implementation of cybersecurity systems and processes on our offshore assets. The Cyber Application Platform Architect will manage all aspects of Avangrid Renewable Cybersecurity Program for Offshore Operation as well as assigned areas of North American Electric Reliability Corporation (NERC) Reliability Standards related to Critical Infrastructure Protection (CIP) to ensure compliance with applicable standards and requirements.
This role is a unique opportunity to work alongside Avangrid’s extensive technical experts to deep dive into engineering topics and work with Iberdrola’s team in global cybersecurity initiatives.
The Cyber Application Platform Architect will be responsible for the management of the asset cybersecurity and technical integrity for a group of equipment within the different systems in the Avangrid Offshore renewable assets and support Control Centers activities. The focus of the role will be to maintain protection and compliance, and support with the O&M requirements for future projects.
The Cyber Application Platform Architect is responsible for providing good quality and consistent service across offshore projects for the Operations and Maintenance Group. Responsible for the definition and delivery of a scope of works for O&M including the management of contractors and associated interfaces, and ensuring quality, best practices and excellent H&S performance are applied.
Key Responsibilities
- Lead Cybersecurity
- Lead the development and implementation of the Avangrid Renewables Offshore cybersecurity program.
- Understanding and delivering the requirements of local regulatory and global cybersecurity initiatives, risk management, third-party assurance, insurance, disaster recovery, and vulnerability management.
- Coordinate cybersecurity program objectives with the Iberdrola Global Cyber Security team.
- Collaborate with the Businesses, IT, OT, and other Corporate Service Areas to define, govern, and support the cybersecurity measures implemented at Avangrid Renewables Offshore.
- Represent the Avangrid Renewables Offshore cybersecurity initiative to the businesses and local cybersecurity teams in USA, UK, Spain, Mexico, and Brazil.
- Support Avangrid Renewables Offshore in the Cyber Threat and Incident Response Program.
- Make strategic decisions to mitigate cyber-related threats and vulnerabilities to the Renewables Offshore operation, IT, and OT networks.
- Ensure governance of the Business, IT, and OT teams such that all actions and work plans related to cyber assets conform to the Renewables cybersecurity requirements.
- Assess, track, monitor, and verify Avangrid Renewables Offshore cybersecurity compliance against global business policies and standards.
- Provide offshore O&M cybersecurity requirements into future project designs and third-party maintenance and supply contracts.
- Develop, implement, and support offshore standards, procedures, tools, best practices, and quality requirements.
- Ensure that all assessment, advice, and recommendations are fully documented in accordance with all internal procedures and industry best practice.
- Ensure appropriate lessons learned regarding offshore wind farm operation and Maintenance are captured and shared across the different Offshore Projects, national and international.
NERC CIP Compliance Technical Lead
- Direct actions of cybersecurity subject matter experts (SMEs) in performance of duties impacting CIP compliance processes.
- Promote the reliability of the Bulk Power System through rigorous compliance with applicable NERC CIP standards.
- Ensure effective regulatory compliance to the North American Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards.
- Monitor and enforce activities and functions for internal and external audit preparation.
- Maintain and revise, as needed, Avangrid’s CIP compliance program.
- Prepare for coordinate and support compliance audits conducted by internal resources, consultants, or regulatory organizations.
- Work with responsible Avangrid Business Units to coordinate resolving compliance issues and develop improvement recommendations and mitigation plans.
- Keep responsible Avangrid Business Units informed regarding NERC Standards Development.
- Coordinate with appropriate subject matter experts (SME) and effectively communicate Avangrid’s position on proposed regulatory standards to NERC.
- Ensure timely adherence from responsible Avangrid business units to all new/revised NERC regulatory obligations.
- Maintain awareness of emerging utility industry issues through benchmarking and participation in appropriate utility forums/groups.
Required Qualifications
- A degree or equivalent in physics, mathematics, telecom, computer science, information systems, or an engineering discipline.
- 3+ years’ experience in the electric utility industry.
- 5+ years’ experience in national/cyber security capacity.
- Knowledge of OT security event monitoring systems: IDS/IPS, SIEM technologies.
- Experience and understanding of technical due diligence.
- Demonstrated prior experience in managing or coordinating long-term projects.
- Demonstrated experience creating procedures and program documentation.
- Ability to engage with other critical security-related entities and industry specialists.
- Ability to effectively represent the cyber business unit to all levels of the organization.
- Coordinate project members and key expertise from various departments to deliver project objectives and minimize costs/risks.
- Developed report writing, presentation skills, and ability to summarize parameters and drivers impacting the scope of works.
- Effective communication and interpersonal skills.
- Ability to work, manage decision-making processes under pressure and to deadlines.
- Flexible to travel to Onshore and Offshore locations.
- Eligible to work in the US.
- Ability to complete GWO basic safety and sea survival training.
- Ability to complete HUET (Helicopter Underwater Escape Training).
- Ability to access Offshore substation and wind turbine assets.
Preferred Qualifications
- Experience in the offshore sector.
- Master’s Degree in a national/cyber security related area preferred.
- Knowledge of international standards such as ISO27000, C2M2, NIST, among others.
- Knowledge of H&S and environmental legislation associated with marine/offshore operations projects.
- Foreign languages (Spanish).
- Knowledge and experience of engineering contracts.
Competencies (this is standard for all jobs)
- Growth & Continuous Improvement
- Initiative & Change
- Focused on Results
- Customer Centric (internal and/or External)
- Communication
- Collaboration
- Leadership (people managers/leaders)
Disclaimer (this is standard for all jobs)
AVANGRID is committed to a diverse and inclusive workplace. AVANGRID is an equal opportunity employer and does not discriminate on the basis of an individual’s sex, gender, gender identification, gender expression, race, color, religion, national origin, age, ancestry, genetic information, medical condition, physical or mental disability, marital status, sexual orientation, military or veteran status, or other characteristics or conditions protected by law.
Click here for Additional Disclaimer Information.
#J-18808-Ljbffr