Energy Future Holdings Corp. is a Dallas-based, privately held energy company with a portfolio of competitive and regulated energy companies. TXU Energy, Luminant and Oncor, EFH’s primary businesses, serve the high-growth Texas electricity market, which is one of the world’s largest and among the nation’s most successful competitive markets.
Manager II, IT Security Operations
The Manager II (Manager), IT Security Engineering will support the Energy Future Holdings cyber security program and is responsible for leading and delivering a comprehensive approach to security engineering, through the management of a mid-size team which will include corporate and plant engineers.
In the operations role, the Manager will lead a team of Security Engineering personnel to execute security operations requests, incidents, changes, and problems. The Manager will also drive NRC/NEI compliance control initiatives, which include monitoring, troubleshooting, and maintenance of plant security technology.
This candidate will report to the Director of Tech Services Security and be part of the EFH Tech Services Security team – located in downtown Dallas, TX. A minimum of 20% travel to other business unit facilities located throughout Texas is required, and the candidate is required to be available on weekends and evenings.
The primary responsibilities of the Technology Services Security Engineering Manager II position are:
Management of the security engineering staff.
Management and administration of staff responsible for security tools such as SIEM, vulnerability management/configuration management, malware detection, file integrity monitoring, multi-factor, web content filtering, and others. Maintains operational run books for security infrastructure/tools supported. Provides up-to-date asset management of security tools, and partners closely with IT management responsible for overall company asset management of devices.
Develops and leads security engineers in the implementation and support of a wide array of security tools and technologies and must possess a background in Windows and Unix as well as switches, routers and firewalls.
Serves as the escalation point for all security engineering, reviews all work product, and ensures efficiency and quality within the team.
Evaluates various security alerts (vendors and other information sharing forums) and ranks remediation recommendations according to enterprise risk. Participates as a subject matter expert on the company’s threat roundtable, reporting on emerging threats and the company’s vulnerability state.
Contributes to the development and maintenance of the information security strategy – defense-in-depth program. Provides periodic metrics for the operations, threat and vulnerability management program to IT Security leadership.
Delivers a leadership role in providing network and system security advice and risk analysis to business units who engage with the Information Security team.
Supports the Business Continuity, Technology Services Risk, and Disaster Recovery functions. Assists in keeping the Incident Response plan evergreen. Assists with exercises and training the incident response teams and participates in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Acts as a technical consultant on information security incident investigations, and forensic technical analyses.
Supports the Technology Services Security controls to meet all regulatory or contractual requirements: NACHA, PCI (Payment Card Industry) Security Standards, state and federal privacy law, Sarbanes-Oxley Act (SOX), and NERC, NEI, NRC, etc.
Supports the Regulatory Compliance function, and provides evidence in Technology Services compliance activities in support of internal and/or external audits.
Partners with the Technology Services Security Architect staff, infrastructure personnel, and network and/or operations teams, to ensure the implemented technologies are integrated and fully utilized as intended in the protection of the Company’s assets.
Communicates effectively at different levels within and outside the organization – leadership/management, business stakeholders, software vendors and sourcing suppliers.
Develops and fosters strategic relationships and establishes key organizational partnerships.
Perform other related duties as assigned.
Education and Experience
Bachelor’s Degree or equivalent experience in Information Technology and Security Operations. Minimum four (4) years’ experience in various IT roles, and proven experience leading a mid-size team.
Minimum of three (3) years hands-on experience administering Linux operating systems.
Minimum of three (3) years hands-on experience administering Windows operating systems.
Experience in incident response, computer forensics and network forensics.
Demonstrated understanding of the following concepts and technologies:
Defense in depth security models and security management practices
Cloud Security Concepts (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data protection
Security architectures for a large scale SOA project that involves cross enterprise information exchange.
SDLC process and the ability to follow the process to effectively develop and design solutions.
Application Security Vulnerabilities such as OWASP Top 10, CWE/SANS Top 25 and remediation approaches
Experience with enterprise technologies, authentication and authorization schemes (Active directory, LDAP, etc.)
Technical documentation, including product documentation, technology and process best practices, and technical whitepapers.
Relational Databases, Middleware Applications, Collaboration and Document management solutions.
Demonstrated experience teaming with business and IT stakeholders at all levels, to deliver and sustain high caliber on projects and operations.
Demonstrated cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions.
Active industry certification(s) required (such as CISSP, CISA, CISM, CEH, SANS – GSEC, GCIH, etc.)
In-depth experience with IT audit/assessment/examination; SAS 70/SSAE practices; PCI, NACHA, ITIL; ISO-standards; NIST, CobiT and Industry standard application development methodologies
Establishes and maintains strong working relationships with groups involved with information security matters such as the Legal Department, Internal Audit Department, Physical Security Department, Information Technology Department, Information Security Council, HR and all outsourced IT organizations.
Required Personal Characteristics:
Ability to self-manage including planning, providing status updates and metrics
Ability to work independently and as part of a team.
Self-starter and self-motivating.
Excellent problem solving, analytical, communication, organization, task and time management skills
Capable of delivering results through a position of influence, not authority
It is the policy of the Company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, genetic information, military service, protected veteran status, or any other consideration protected by federal, state or local laws.