Job Specifications
About Avantus
Avantus develops, owns, and operates utility-scale clean energy projects across California and the Desert Southwest. Our development pipeline represents one of the nation's largest portfolios of solar with integrated storage, capable of providing dispatchable power to 17 million Americans, day and night. With over a decade of industry leadership and strategic investment from KKR and EIG, Avantus delivers affordable, reliable clean energy solutions that meet America’s growing energy demand.
About The Position
The Sr. Manager, Cybersecurity is responsible for leading the IT Cybersecurity function to ensure the scalable cybersecurity protection of the Avantus business as well as its growing portfolio of utility-scale clean energy operational power facilities. With support from the broader IT team as well as external resources, this person is the key responsible owner to manage and drive improvement for the IT & OT Cybersecurity solutions that protect information assets, business systems, and networks. This role ensures compliance with regulatory and executive reporting requirements, mitigates risks, and leads incident response efforts. The role will collaborate with IT leadership, business stakeholders, and external partners to maintain a robust security posture across the enterprise.
This role reports to the Vice President, Information Technology and Security.
Essential Functions And Responsibilities
Key responsible owner to maintain and improve the efficacy of our IT cybersecurity solutions, controls, procedures, and policies that support the security posture of the company.
Key responsible owner to respond to cybersecurity incidents, delegating investigation analysis and response to internal and external resourcing, as appropriate. Escalate incident response to leadership according to incident response plans, as appropriate.
Drive solutions implementations and systems changes, with the help of internal IT support staff and external consultants, as necessary. Organize and manage projects and the required resources from start to finish.
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to continually develop the strategy and trajectory of the broader IT department and the systems that support the company.
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to execute cybersecurity solution implementations and special projects in support of the broader maturity and scaling of the IT cybersecurity program and its supporting systems.
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to develop controls, standards, best-practice, policy, and process that will streamline cybersecurity operations and help protect the business as we scale.
Lead the continued development and maturity and accuracy of security incident and event management (SIEM) systems, vulnerability management, security analytics, incident response, and other cybersecurity operational systems.
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to strategically support broader IT infrastructure, systems, and cybersecurity initiatives.
Generate and maintain project trackers, reports, or dashboards as helpful and efficient to support the team. Collaborate with IT and business stakeholders to deliver to longer-term projects, successfully documenting and executing change plans, and executing rollouts of cybersecurity systems and features in line with IT department and company goals.
Stay on top of industry trends and new technologies as applicable and relevant to the business, including by leveraging access to various cybersecurity industry subscriptions, community networks, conferences and events, training platforms, and other resources, as supported by the company.
Mentor and provide collaborative cybersecurity guidance to IT team members and business stakeholders.
IT Cybersecurity Program Management Responsibilities
Work closely with the Vice President of Information Technology & Security, as well as other IT staff and external resources, to ensure compliance with and continual improvement to applicable control standards and compliance and risk-management frameworks, for corporate and power generation project entities. Maintain and update risk registers and control remediation reporting for executive audiences.
Drive the development and ongoing maintenance of high-quality and consistent cybersecurity training resources, documentation, and runbooks. Work with IT staff to maintain up-to-date cybersecurity resources on the company Intranet and knowledge bases.
Drive the enhancement of both the quality and frequency of cybersecurity trainings and communications to the business, including templatized notifications, targeted trainings, table-top exercises, and standardized incident responses.
Monitor security operations and logging da
About the Company
Avantus develops, owns, and operates utility-scale clean energy projects across California and the Desert Southwest. Our development pipeline represents one of the nation's largest portfolios of solar with integrated storage, capable of providing dispatchable power to 17 million Americans, day and night. With over a decade of industry leadership and strategic investment from KKR and EIG, Avantus delivers affordable, reliable clean energy solutions that meet America’s growing energy demand.
Know more