IT Security Supervisor
INTERNAL/EXTERNAL JOB POSTING
Information Technology Security Supervisor
Manager of Information Technology
Corporate: 330 S US HWY 301, Sumterville, FL 33585
Based on qualifications and experience
Non Represented - Exempt
Friday, 06/29/2018 until filled
# of Vacancies:
SECO Energy is a not-for-profit electric distribution cooperative serving nearly 200,000 families and businesses across seven counties in Central Florida, making SECO Energy the third largest electric co-op in Florida and the sixth largest in the nation.
Qualified employees will be considered on an equal basis with external applicants.
General Purpose of Job: This position is responsible for implementing and supporting security of electronic data and compliance by creating and instituting measures to safeguard cooperative information on networks; develop security baselines for existing and new technology. Develop cyber security policies and standards that protect the electronic security posture of the cooperative.
Supervisory: This position has responsibility for the direction, coordination and evaluation of employees in IT security and contractor relationships. This person is expected to perform supervisory responsibilities in accordance with the organization’s policies and applicable laws. Responsibilities include interviewing, hiring and training; planning, assigning and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Position Specifications: The following includes the minimum job requirements and essential duties for this position. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. Some job requirements may exclude individuals that cannot be reasonably accommodated or who pose a direct threat or significant risk to the health and safety of themselves or other employees.
Education and Experience:
- Bachelor’s degree in Information Technology Security or other information technology related field.
- Minimum 7 years professional work experience in Information Technology/Cyber Security or related field (such as Networking, System Administration or Database Administration.
- Experience with System or Network Administration (Windows, Linux, Cisco, etc.).
- Must have CISSP.
- Must have 5 or more years of supervisory experience.
- 5 years project management experience preferred.
- SANS and/or Security + certifications preferred.
Knowledge, Skills, and Abilities:
- Knowledge and understanding of Federal, State and local regulatory rules pertaining to security of electronic data; backup and disaster recovery systems; applicable data privacy practices and laws; and knowledge of risk mitigation best practices; developing metrics for electronic security initiatives to demonstrate effectiveness of security initiatives.
- Proficiency in the following areas to include, but not limited to:
- Developing security programs and training cooperative employees in electronic security measures.
- Creating, implementing, testing and reviewing information security protocols, policies and procedures.
- Developing and supervising network penetration testing and vulnerability assessments.
- Creating and updating Information Technology emergency response plans and incident response plans.
- Proficiency in security tools that include: Port scanners, web scanners, vulnerability scanners, exploitation kits, network flow, IDS signatures, password crackers, OSINT, phishing techniques, sniffers, and PowerShell.
- Proficiency in configuration tools that include: SIEM, MDM, syslog, and patching.
- Proficiency in the operation of personal computers; computer networking, internet/web security; disaster recovery, MS Exchange; virtualization, active directory/group policy and computer software applications including MS Office products, customer information systems, etc.
- Excellent customer service orientation skills; ability to use tact and judgment for interaction with employees, managers, vendors, consultants and others; ability to work independently and productively and results oriented in order to complete assignments and meet deadlines.
- Effective leadership skills with ability to make and implement sound business decisions commensurate with responsibilities; demonstrated organizational, prioritization and project management skills to schedule and direct the work of others; analytical and process management skills; demonstrated change management aptitude and ability.
- Effective communications skills including written, verbal, and listening for interaction with employees, management, vendors, consultants and others; ability to analyze and interpret job related business periodicals and technical manuals; prepare reports, business correspondence, procedures and training manuals; prepare and conduct presentations to employees, management and others.
- Ability to keep confidential information confidential; ability to multi-task and effectively manage stress and pressure through changing priorities; ability to remain calm in high stress situations.
- English is the primary business language. Second language in Spanish is desirable
Skills Verification: The skills required for this position may be verified through a combination of education, experience, interview questions, and technical skills exercise(s).
- Valid Florida driver’s license for occasional driving privileges of cooperative vehicles; must have and maintain an acceptable driving record as determined by the Cooperative. Successful completion of SECO Energy’s employment entrance examination and drug screen.
Essential Duties and Responsibilities: This description is intended to indicate the kinds of tasks and levels of work difficulty required of the position given this title and shall not be construed as declaring what the specific duties and responsibilities of any particular position shall be. It is not intended to limit or in any way modify the right of management to assign, direct and control the work of employees under supervision. The listing of essential duties and responsibilities shall not be held to exclude other duties that may be assigned based on the needs of the Cooperative.
- Research, develop, implement, test and review information security protocols and procedures in order to protect information and prevent unauthorized access.
- Develop and implement security policies, procedures for electronic security.
- Develop and implement cooperative training program on electronic security and train all employees annually.
- Conduct research on network security products, services, protocols and standards in support of network procurement and development efforts.
- Actively monitor cooperative networks and devices for security vulnerabilities
- Develop metrics for security initiatives for incremental reporting to management and board of trustees.
- Work with the data center and networking team, application programming team and IT support team to ensure all SECO Energy systems are compliant with applicable policies and regulatory requirements.
- Perform penetration testing and vulnerability assessments on corporate networks and work with the different groups to resolve vulnerabilities.
- Audit security permissions on electronic systems and report policy violations and change recommendations to manager of Information Technology.
- Assist in preparing the annual budget for the information technology security infrastructure; Participate in planning and managing expenditures for network security hardware and software procurement.
- Interact and negotiate with vendors, outsourcers and contractors to secure network security products and services, as directed.
- Prepare project status reports and keep management, clients and others informed of project status and related issues.
- Maintain an active role in SECO Energy’s “Emergency Preparedness Plan” and “Incident Response Plan” to include review of the department’s roles and responsibilities and assist in preparing all documentation following an actual emergency as needed.
Physical Demands and Work Environment: The physical demands and work environment described here are representative of those that must be met by or those an employee encounters to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Some requirements may exclude individuals that cannot be reasonably accommodated or who pose a direct threat or significant risk to the health and safety of themselves or other employees.
- General office environment. Normal work hours will be eight (8) hours between 7:00 am and 6:00 pm, Monday through Friday. Occasional business travel may be required.
- Ability to work irregular hours for assignment completion and flexibility to change scheduling and report to work on short notice during emergency situations.
- Physical ability in sitting, stooping, pushing, crouching, crawling, reaching, standing, walking, pulling, lifting, using fingers, grasping, talking, hearing, extended repetitive motions, defined light level work. Visual acuity required as machine operator.
- Ability to lift and/or move objects weighing up to 10 lbs. on a regular basis and occasionally lift and/or move objects weighing up to 25 lbs.
- Operates a variety of office equipment, including personal computer, calculator, printers, telephone and FAX machine.
While performing the duties of this job, the employee is regularly required to sit, talk, and hear. The employee frequently is required to walk. The employee is occasionally required to stand; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, and the ability to adjust focus.
This position has general office environment. The noise level in the work environment is usually moderate.
- Attend and actively participate in all Job Briefings and Safety Meetings as required.
- Promotes safe work practices
- Demonstrate a thorough knowledge and comply with all applicable SECO Energy safety rules, policies, practices, and procedures.
- Use all required safety protective equipment and utilize all SECO Energy equipment in a safe and efficient manner.
- Be alert to any safety hazards involving SECO Energy equipment and notify the appropriate personnel immediately.
- Operate and maintain cooperative vehicles in a safe manner and obey all federal, state, and local laws applicable to the operation of the vehicle; drive at safe speeds no greater that that permitted by law or other speed control signs or devices.
- Ensure company vehicle is inspected before use and problem areas are reported; ensure vehicle is kept clean an organized with supplies.
- Attend and actively participate in training as scheduled.
- Ability to maintain regular attendance and punctuality during the established working hours.
- Maintain a commitment to excellence and to the Corporate Vision.
- Maintain and encourage open, honest communication with superiors and co-workers.
- Exhibit a commitment to customer focused service.
- Exhibit integrity and honesty in all actions.
- Exhibit a firm commitment to safety.
- Maintain a team player focused cooperative style.
- Exhibit a strong work ethic.
SECO Energy is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.