Senior Cybersecurity Specialist - OT (Operations Technology) - Houston, TX

• Delivers programs and processes to reduce information security risk and strengthen the organization's security posture to addresses complex security incidents.
• Provides guidance on escalated issues that require complex solutions, conducts critical analysis of project status, potential risks, and continual process improvement.
• Coordinates and performs appropriate maintenance to ensure reliable and secure performance of the security systems, including applying security patches, implementing version upgrades, modifying, and improving services and performing ongoing operational management tasks.
• Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
• Prepares and updates plans that identify security weaknesses and establishes milestones and compensates controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
• Leads periodic monitoring of audit log occurences and reports findings and concerns for further analysis and action, including breach notification and initiation of incident response, in accordance with protocols and procedures.
• Performs other duties as assigned.

• Bachelor's Degree in Computer Science, Information Technology, or equivalent relevant work experience.
• Master's Degree is a plus

Experience

• 5+ years' Experience in Information Security, Cyber Security, or relevant roles
• 3+ years Managing the security monitoring, threat and vulnerability, and/or incident response functions of an organization with a complex Information Technology environment

Knowledge, Skills, and Abilities

Technical Skills

• Strong technical understanding of OT security monitoring, threat and vulnerability, and incident response processes, procedures, guidelines, and solutions
• Knowledge of OT network infrastructure, SCADA/DCS systems, data/communication systems, management systems, and security/compliance
• Understanding of relevant cybersecurity regulations and best practices, pertinent to utility environments (such as NIST SP 800-53/82, NERC CIP, NEI 08-09, ISA 99, NIST CSF and C2M2)
• Deep understanding of operating systems, programming, networking, malware defenses, perimeter controls, security assessment, web applications, intrusion analysis, malware analysis and incident response
• Understanding in network design, configuration, and maintenance with various hardware manufacturers; understanding Programmable Logic Controllers (PLC) / Distributed control Systems (DCS), server virtual machines and industrial network architectures and how to effectively support securing these technologies
• Proficiency in cyber kill chain framework
• Understands information security as it relates to the business and other areas of IT; understands direct impacts and risks to the business
• Strong multi-tasking capabilities, exceptional skills to adjust to multiple demands, shifting priorities, ambiguity and rapid change as well as dealing efficient deal with escalations and difficult situations/people under pressure e.g. to restore services
• An overall understanding of the business objectives of service lines and Core Business Services departments

People Leadership

• Demonstrated skills to collaborate across a diverse technical workforce in multiple locations, overseeing a full range of technology platforms and solutions as well as vendor personnel
• Ability to lead, manage and coach staff; personal drive and energy level to achieve superior results individually and through others
• Excellent communication stills and ability to convey technical concepts to a non-technical audience

Cross Functional Collaboration

• Ability to participate in co-operative working relationships including knowledge sharing and partnership in achieving solutions within and across business or operational functions

Preferred Qualifications

• Professional certifications in Information Security (CISSP, CISM, CISA).
• Bilingual in English and Spanish.

Licenses and Certifications

• Professional certifications in Information Security (CISSP, CISM, CISA)
• Technical certifications (operations i.e. GCIA, GCIH, CEH, SSCP), Note: The Company strives to ensure that employees are paid equitably and competitively. Starting salaries may vary based on factors such as relevant experience, qualifications, and education.

Sempra Infrastructure offers a competitive total rewards package that goes beyond base salary. This position is eligible for an annual performance-based incentive (bonus) as well as merit-based recognition. Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, as well as other company offerings such as tuition reimbursement, paid parental leave, and employee assistance programs., The actual pay rate will depend on the person's qualifications and experience. $129,500.00 - $204,500.00 / year Pay Transparency In order to support the Fair Compensation Strategy by the US Govt., HR Dept., clients are required to adhere to "Pay Transparency Law"; in the impacted states; that have mandated the employers to list the salary ranges in Job advertisements or postings for job opportunities and Job promotions.