Director Cyber & Physical Security

Director Cyber & Physical Security

Requirements

• Bachelor’s Degree Emphasis in information technology, business administration, or related area Required
• 10 years of technical experience that includes systems analysis, design, development, testing and implementation.
• 7 years of supervisory experience.

Responsibilities

• Performs all leadership duties including, but not limited to, hiring and rewarding talent, fostering a safe workplace, partnering with employees to set clear goals and expectations, providing timely and specific feedback on performance, developing improvement plans to address performance gaps, addressing conflict with care and respect, identifying opportunities for growth and development, embracing and modeling a mindset of lifelong learning, ensuring employees report to work fit for duty, adhering to our Code of Conduct and modeling Alliant Energy’s Core Values at all times.
• Responsible for strategic and long-range planning for all IT, OT, and physical security programs to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by Alliant Energy.
• Directs the planning, development, enhancement, and maintenance of the IT, OT, and physical security strategic plan from both a business and technology perspective.
• Engages with business representatives to design, implement and facilitate a globally standardized governance structure to IT, OT, and physical security.
• Reports out to senior leadership (Alliant Energy Officers and Board of Directors) on the maturity of the physical and cyber security program utilizing established frameworks such as the NIST Cyber Security Framework (CSF) v2.0.
• Directs a team responsible for anticipating and proactively identifying, assessing, protecting, detecting, responding and recovering business issues, vulnerabilities, risks, and exposures that may impact business operations.
• Influences internal and external constituents, and relays best practice recommendations based on the evolving threat landscape to protect physical and intellectual property.
• Defines key performance indicators (KPIs) and metrics that align with business initiatives and delivers them to non-technical individuals in an effective, understandable manner.
• Engages with business units for stringent vetting and continual assessment of the supply chain (third party risk management).
• Directs the technology-related risk program. Identifies requirements and oversees the strategy to implement solutions to maintain physical and cyber security compliance programs (e.g., NERC CIP, TSA (natural gas), etc.) maximize efficiency, address audit requirements, and prevent or mitigate the impacts of cyber-attacks on our IT and OT infrastructure. The team will take a structured, efficient approach to managing risk and ensuring compliance with relevant laws, regulations, governing policies, and standards.
• Engages in other duties as needed that support Alliant Energy’s Values and helps deliver on our Purpose to serve customers and build stronger communities.

Preferred Qualifications

• Master’s Degree Preferred
• At least one Information Security related certification that requires obtaining at least 20 CPEs per year such as CISA, CISM, CISSP (highly recommended), CRISC or capable of obtaining certification within two years Preferred
• Physical Security certification (i.e. Certified Protection Professional/CPP) Preferred
• Experience in IT security management
• Risk management experience as it relates to information technology
• Experience in crisis/incident management
• Experience in physical security management