Sr. Manager - Cybersecurity and Identity Management

Job Duties & Responsibilities

Cybersecurity Risk Management & Strategy 

• Support the cybersecurity risk management processes by overseeing security and access‑related practices across enterprise IT and OT environments
• Provide risk‑informed input to the CIO regarding cybersecurity considerations related to technology platforms, system architectures, and operational dependencies, including field operations
• Understanding of AI and the governance required to manage the associated cybersecurity risk

Operational Technology Cybersecurity Oversight 

• Oversee cybersecurity practices relevant to OT environments, including supervisory control and data acquisition (SCADA) systems, and other operational platforms that interact with the physical environment
• Coordinate with OT and operational stakeholders to integrate cybersecurity controls in a manner that considers performance, reliability, and safety requirements unique to industrial environments
• Demonstrated ability to influence cross-functional teams of both IT and field operators to adopt security standards that meet the risk tolerance of the company
• Support processes used to assess and manage cybersecurity risks in OT systems, including third‑party connectivity, remote access, and system modernization initiatives, consistent with industry guidance for OT security

Identity & Access Management

• Oversee identity and access management processes used to control access to enterprise and operational systems, including workforce, contractor, and third‑party access
• Support governance processes related to access provisioning, access review, and privileged access in both IT and OT environments
• Coordinate with technology and operations teams to align identity‑related controls with system availability and operational requirements while supporting cybersecurity risk management objectives

Governance & Management

• Support management’s role in cybersecurity governance by maintaining cybersecurity and access‑related policies, standards, and procedures within the CIO organization
• Collaborate with Enterprise Risk Management, Legal, and Internal Audit to align cybersecurity and identity practices with disclosed risk management and governance processes
• Assist in preparing management inputs for cybersecurity‑related governance forums and, as appropriate, board‑level reporting

Cybersecurity Operations & Technology Alignment 

• Infrastructure and platform security, cloud and hybrid technology environments
• Identity‑enabled security controls and access governance
• Vulnerability management and remediation coordination
• Partner with Enterprise Architecture and IT leadership to align cybersecurity and identity practices with the Company’s enterprise technology strategy

Compliance, Audit & Disclosure Support 

• Demonstrate an understanding of SOX controls and how to handle PII related data and other audit and regulatory requirements
• Support internal and external audit activities related to cybersecurity and access controls, including systems relevant to financial reporting and regulated operations
• Maintain documentation and artifacts supporting cybersecurity risk management, governance, and compliance activities
• Assist in evaluating cybersecurity and access‑related issues for potential risk impact and prioritization, including matters relevant to public‑company disclosure considerations under SEC rules