Senior Manager, Cybersecurity and IT Systems (Cranberry Township, US)
Westinghouse Electric Company
Job Description
<p style="margin-bottom:13.0px">Are you interested in being part of an innovative team that supports Westinghouse’s mission to provide clean energy solutions? At Westinghouse, we recognize that our employees are our most valuable asset and we seek to identify, attract and recruit the most qualified talent while recognizing and encouraging the value of diversity in the global workplace.</p><h3>About the role:</h3><p>As a Senior Manager, Cybersecurity & IT Systems you will oversee the leadership and execution of the Information Systems and Cybersecurity programs (Governance, Operations, Risk Management, Compliance and Support). You will establish a compliant CUI environment, including achieving and maintaining Cybersecurity Maturity Model Level 2 certification and developing a classified environment for new our requirements. You will report to the COO, WGS work remote. 100% Remote role.</p><h3>Key Responsibilities:</h3><ul><li><p>Establish overall systems architecture vision and ensure that specific components are designed, procured, installed and used.</p></li><li><p>Responsible for company level compliance and architectural standards, guidelines, policies, frameworks, and reference models.</p></li><li><p>Oversee all company-level IT architecture components (e.g., data architecture, application/software architecture, technical architecture).</p></li><li><p>Establish a compliant protected information system (CUI) environment and develop a sustainable model for IT and Cybersecurity future function including company structure and relations with an external service provider.</p></li><li><p>Oversee incident remediation activities to ensure compliance with WGS policies and security and nuclear industry best practices.</p></li><li><p>Lead the IT and Security teams through the Cybersecurity Maturation Model Certification and C3PAO assessment including writing and reviewing WGS procedures and verifying and validating that the WGS process is within compliance.</p></li><li><p>Oversee the Managed Service Provider (MSP) to ensure all company IT and cybersecurity requirements are met.</p></li><li><p>Develop a framework for performing and overseeing the performance of IT risk assessments observing established company risk management policies for projects and of suppliers / vendors and within compliance requirements.</p></li><li><p>Identify, recruit, develop Cybersecurity and IT staff and meet daily IT requests including installing for the WGS IT end-users.</p></li><li><p>Oversee the development framework for performing technical vulnerability and penetration assessments</p></li><li><p>Maintain Main Risk Indicators, including metrics to ensure measurement of risk and threats.</p></li><li><p>Conduct or oversee self-inspections and audits on WGS protected systems at least annually; document, track, and resolve corrective actions</p></li><li><p>Establish and oversee the process for capturing, assessing, decisioning, and reporting risks across the IT organization