Military Spouse Connection Jobs

Military Spouse Connection mobile logo

Job Information

TXNM Energy Manager, Information Security Operations & Engineering in Albuquerque, New Mexico

Manager, Information Security Operations & Engineering

Location: Albuquerque, NM, United States

Job ID: 6088696

Date Posted:Sep 5, 2024

POSTING DEADLINE

This position is posted until filled.

DEPARTMENT

Department: Information Security

JOB DESCRIPTION

Manager, Information Security Operations & Engineering

Salary Grade: G04

Minimum Midpoint Maximum

$99,778 - $134,699 - $169,622

This position is covered by NERC CIP cyber security standards. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check. Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required.

SUMMARY:

Ensures technical and logical security mechanisms are in place to protect enterprise assets and information from unauthorized access. Provides technical expertise to implement and maintain security measures to protect confidentiality, integrity, and availability of enterprise electronic systems information.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Recommends, implements, and maintains technical and procedural controls to provide security in the most reasonable and cost-effective manner; interprets standards, requirements, and their application to the enterprise environment

Performs implementation, testing, oversight, and administration for enterprise security applications, platforms, and solutions, including but not limited to: firewalls, intrusion detection and prevention, identity and access management, encryption solutions, Virtual Private Networks, security event monitoring, log management tools, anti-virus/malware prevention tools, and vulnerability assessment solutions

Acts as a subject matter expert to process and respond to potential and actual cyber security incidents, or alerts issued through the ES-ISAC, ICS-CERT, US-CERT as applicable to enterprise systems and operations

Participates in internal and external audits and reviews to ensure compliance with regulatory standards, internal security policy, and coordinates with internal audit staff, as appropriate

Acts as a liaison with other internal groups in the implementation of solutions utilized by the Mandatory Reliability Standard Compliance Program

Develops, implements, and coordinates change/configuration management and security testing for enterprise systems

Assists Information Security team members and internal clients in addressing highly complex security issues applicable to enterprise environment

COMPETENCIES:

In-depth management, negotiation, technical skills, and demonstrated leadership and customer service skills

Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, ISA, or COBIT

Excellent skills in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology

Ability to understand enterprise business computing operations/requirements, and fundamental power generation operations

Knowledge of forensics, incident analysis, and incident response management

Demonstrated skills in personnel management, budget management, and conflict management

Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions

Ability to organize, create, and deliver technical proposals and presentations to peers and management

Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to keep the Company in compliance and reduce legal liabilities

Project Management knowledge and experience a strong plus

QUALIFICATIONS

MINIMUM EDUCATION AND/OR EXPERIENCE:

Bachelor's degree from four-year college or university in Information Resource Management, Business Computer Systems, Computer Science or Computer Security with seven to nine years related experience, or equivalent combination of education and/or experience related to the discipline.

Master's degree preferred.

CERTIFICATES, LICENSES, REGISTRATIONS:

Certification in security or systems control related field: I.e., CISSP, CISA, or CISM.

SUPERVISORY RESPONSIBILITIES:

Hires, trains, evaluates, rewards, and terminates employees. Designs, organizes, prioritizes, schedules, and leads work assignments. Fosters good working relationships with various groups. Appraises performance, rewards and disciplines employees, addresses complaints, and resolves problems. Indirectly supervises and guides enterprise employees, contractors, and electronic system users for performance of job functions in accordance with enterprise security programs, policies, and procedures.

COMMUNICATION SKILLS:

Ability to respond effectively to highly sensitive inquiries or complaints

Ability to effectively give persuasive speeches and presentations on controversial or complex topics to various audiences

Ability to read and interpret complex documents such as safety rules, operating and maintenance instructions, and procedure manuals

Ability to write complex reports, regulatory documents, policies and correspondence

Ability to speak effectively before groups of customers or employees of organization

MATHEMATICAL SKILLS:

Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume

Ability to apply concepts of basic algebra and geometry

COMPUTER SKILLS:

In-depth knowledge and experience with mainframe and client/server applications and information security issues

Strong working knowledge of current marketed security tools and technologies

Strong working knowledge of industry regulations (NERC CIP, Sarbanes Oxley, PCI) and industry security standards (NIST, ISO)

ANALYSIS AND PROBLEM-SOLVING ABILITY:

Ability to strategically approach issues. Ability to be proactive, adept at working with cross-functional teams and stakeholder groups. Ability to synthesize complex information. Ability to apply creativity to problem solving and utilize analytic skills and modeling capabilities to provide ongoing insight into the business and to make recommendations and decisions. Ability to identify and develop remediation or mitigation plans as necessary. Ability to coordinate with, and lead, cross-functional team of technical experts.

DECISION MAKING:

Ability to conduct and guide enterprise Information Security project and operations activities and practices within the bounds of approved security programs and policies, and in accordance generally accepted security standards.

SCOPE AND IMPACT:

Electronically protects all enterprise computing platforms for the purpose of providing and preserving confidentiality, integrity, and availability of all corporate systems, applications and data. Electronic protection of systems within the scope of this position is intended to minimize potential costs directly related to operational, legal, regulatory, and reputation risk from loss of enterprise system operation or confidential or proprietary information.. Failure to protect systems from unauthorized electronic access exposes Company to heightened regulatory oversight, monetary sanctions, and increases vulnerability to malicious cyber-attack against Company cyber assets essential to enterprise operations.

PHYSICAL DEMANDS:

While performing the duties of this job, the employee is frequently required to stand, sit, and/or walk up to 2/3 of the time. The employee must occasionally lift and/or move up to 25 pounds.

WORK ENVIRONMENT:

Office environment.

Travel required.

EQUAL OPPORTUNITY STATEMENT

Safety Statement:

Safety is a core value at (TXNM Energy/PNM/TNMP) and our vision, “everyone goes home safe”, reflects our commitment to promoting an environment conducive to learning, improving and building safety practices. Our safety value is built upon the belief that every employee deserves to work in an environment free from harm.

Americans with Disabilities Act (ADA) Statement:

TXNM Energy is committed to providing reasonable accommodations for qualified individuals with disabilities in compliance with the ADA. If you require assistance with the job application process due to a disability, please contact HR ADA Analyst, at 505-241-4627.

DEI Statement:

At TXNM Energy, we value the diversity of our workforce and actively seek opportunities for incorporating Diversity, Equity, and Inclusion (DEI) within our family of companies. We believe a diverse workforce enriches our environment and helps us better meet the needs of our employees, customers, and shareholders. We remain committed to attracting and sustaining a diverse workforce and retaining high-performing employees who work collaboratively to carry out the Company's purpose.

TXNM Energy and affiliates are Equal Opportunity/Affirmative Action employers. Women, minorities, disabled individuals and veterans are encouraged to apply.

#PNMR

DirectEmployers