Iberdrola USA Manager - Cyber Security Compliance (AMC 62713) Orange, CT or Rochester, NY in Rochester, New York


Business and Department




Scope of Work - Main duties, settings, geography, reporting relationships, other relationships:

Member of the Corporate Security/Cybersecurity & Privacy department management team. Responsible for managing the coordination of AVANGRID cyber security compliance initiatives, including, internal and external audits and reviews to ensure compliance with regulatory standards, and internal policy, rules and best practice. The primary focus of this position will be to drive continuous improvements in the cyber security IT/OT internal control and compliance environments.

MAJOR ROLES AND RESPONSIBILITIES (Scope of work - range of responsibilities):

  • Manage the team of support functions required to field and maintain the readiness and operational capabilities needed to meet compliance obligations.

  • Design, organize, prioritize, and schedule work assignments of staff.

  • Plan, assess, document, execute, review and follow-up on cyber security day-to-day SOX related activities within the ITGC environment.

  • Oversee and lead the SOX ITGC cyber security compliance requests that may include; monthly internal reviews, quarterly internal reviews, semi-annual internal audits and annual external audits.

  • Oversight of evidence gathering, reporting and mitigation planning.

  • Partner with local and global IT/OT and Business Area Leaders to manage/control/perform/audit activities relatedto SOX (and other) regulations.

  • Lead cyber security SOX compliance reviews with internal and external parties.

  • Evaluate AVANGRID and related global cyber security ITGC's to determine effectiveness, identify gaps, andimplement plans to remediate gaps.

  • Influence stakeholders and related business partners to implement necessary process modifications.

  • Participate in and lead meetings to discuss the status of AVANGRID's cyber security/ITGCs environment.

  • Implement on-going methodology for cyber security compliance metrics and status reporting.



Education & Experience Required:

  • Bachelor's degree in information technology, information security with business support experience, in either financial services, energy/utility services and/or related industry. MBA or Masters in Management Information Systems preferred.

  • Five plus years of progressive experience in Information Technology (IT) systems auditing, SOX ITGC auditing,and/or implementing IT security controls required.

  • Five plus years of working with (and implementing) NIST 800 series controls and/or ISO 27001 & 27002 controls and/or COBIT 5 controls required.

  • Experience working with ANSI/ISA 62443 (Security for Industrial Automation and Control Systems) preferred.


  • Ability to communicate complex information, concepts or ideas in a confident and well-organized manner through verbal, written and/or visual means.

  • Ability to build effective relationships for key stakeholders locally and globally and to interact at all levels of the organization.

  • Ability to resolve complex problems and negotiate successful outcomes.

  • Ability to lead work processes and work independently.

  • Ability to communicate with business areas to ensure business needs are being addressed effectively.

  • Ability to travel occasionally, perform after-hours project-related work, and provide on-call support as needed.

  • Strong analytical, problem-solving and decision making skills.

Other Requirements:

  • Project Management certification a plus


AVANGRID is an Equal Opportunity / Affirmative Action employer. AVANGRID shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin.Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, protected veteran status or any other status protected by federal, state, or locallaw. The Company is committed to a policy in all of its employment practices of equal opportunity without regard to

race, color, religion, sex, sexual orientation, gender identity, or national origin, disability, religion, marital status, veteran status, sexual orientation, or other protected status.

If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our Human Resources department at 877-387-9061 or careers@avangrid.com

Company: AVANGRID Management Company (AMC)

Department: Physical and Cyber Security

Job Title: Manager – Cyber Security Compliance

Reports to: Vice President – Physical and Cyber Security

Location: Orange, CT or Rochester, NY

Cross Company Responsibility: Yes

REFERENCE: 5095864302

Publication date: 27.07.2018