Share this Job
Apply now »

Sr. Cyber Architect

Company:  AVANGRID SERVICE COMPANY
Location: 

Augusta, ME, US

Company

Company

About AVANGRID: AVANGRID, Inc. (NYSE: AGR) aspires to be the leading sustainable energy company in the United States. Headquartered in Orange, CT with approximately $40 billion in assets and operations in 24 U.S. states, AVANGRID has two primary lines of business: Avangrid Networks and Avangrid Renewables. Avangrid Networks owns eight electric and natural gas utilities, serving more than 3.3 million customers in New York and New England. Avangrid Renewables owns and operates a portfolio of renewable energy generation facilities across the United States. AVANGRID employs approximately 7,000 people and has been recognized by Forbes and Just Capital as one of the 2021 JUST 100 companies - a list of America's best corporate citizens - and was ranked number one within the utility sector for its commitment to the environment and the communities it serves. The company supports the U.N.’s Sustainable Development Goals and was named among the World’s Most Ethical Companies in 2021 for the third consecutive year by the Ethisphere Institute. For more information, visit www.avangrid.com

 

 

Purpose

Leads all cyber architects (i.e. Applications, Network, Platforms/Systems, and Data) within the Cyber Architecture group in terms of ensuring integration across all cyber architecture concerns and at all OpCos.  Leads development of architecture requirements, concepts, system-of-systems development, and considers necessary capabilities for all life cycle phases; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.

The Chief Cybersecurity Architecture oversees architecture activities to ensure stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of Avangrid Networks’ architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.  The Chief Cybersecurity Architecture is focused on OT architecture but will also include IT networks and systems as they interact with OT.
 

Responsibilities

  • Lead Cyber Architecture architects in their various architecture-related activities and ensure proper integration across all OpCos: requirements development, design, analysis, trade studies, test, validation, etc. 
  • Lead technical evaluation of cybersecurity concerns for new or updated programs and projects.  
  • Support baseline development and configuration control for architecture and design-related activities.  
  • Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
  • Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration.
  • Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements. 
  • Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
  • Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
  • Identify and prioritize critical business functions in collaboration with organizational stakeholders.
  • Provide advice on project costs, design concepts, or design changes.
  • Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
  • Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
  • Analyze candidate architectures, allocate security services, and select security mechanisms. 
  • Develop a system security context, a preliminary system security Concept of Operations (CONOPS), and define baseline system security requirements in accordance with applicable cybersecurity requirements. 
  • Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. 
  • Write detailed functional specifications that document the architecture development process. 
  • Analyze user needs and requirements to plan architecture.
  • Develop operational technology architecture or system components required to meet user needs.
  • Document and update as necessary all definition and architecture activities.
  • Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
  • Translate proposed capabilities into technical requirements.
  • Assess and design security management functions as related to cyberspace.

Skills and Requirements

Education Required:

  • BA/BS degree in Computer Science, Engineering, Business, or related field
  • 5 years in Operational Technology Security
  • 10 years of OT/IT/Enterprise architecture and program implementation experience

 

Experience Required

  • Proficient in the Cybersecurity Solution Architecture discipline, processes, concepts, and best practices. 
  • Familiarity with 
    • Computer networking concepts and protocols (especially OT), and network security methodologies. 
    • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
    • Cyber threats and vulnerabilities. 
    • Installation, integration, and optimization of system components.
    • Industry-standard and organizationally accepted analysis principles and methods.
    • Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
    • Experience in OT protocols, operating systems, SCADA and ICS, etc.
    • Security system and software design tools, methods, and techniques.
    • Systems testing and evaluation methods.
    • Critical infrastructure systems with information communication technology that were designed without system security considerations.
    • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
    • Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
    • Organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
    • Multi-level security systems and cross domain solutions.
    • Operational Technology (OT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
    • Demilitarized zones.
    • Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services and network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
    • Physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.

Competencies

  • Be a role model
  • Be agile
  • Collaborate and Share
  • Develop Self & Others
  • Empower to grow
  • Focus to achieve results
  • Technical Skills

Our Selection Process

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country

Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions.  This does not include those that will work for Avangrid Renewables

AVANGRID’s employment practices and policies are geared to hiring a diverse workforce and sustaining an inclusive culture. At AVANGRID we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law. Learn more about equal employment by following this link

If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our Human Resources department at 203-499-2777 or careers@avangrid.com


Nearest Major Market: Waterville
Nearest Secondary Market: Augusta Maine

Apply now »