Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.
- The Manager will be responsible for managing CSOC programs such as, but not limited to, vulnerability management, threat hunting, alert management, purple teaming, etc.
- Build relationships and partnerships with internal and external stakeholders to drive critical operational programs
- Provides leadership & technical guidance on cybersecurity best practices, toolsets and enhanced capabilities
- In-depth knowledge of attack vectors, MITRE Framework and threat management
- Understanding of cloud security best practices and protections
- Oversee specific automation and capabilities and enhancement initiatives
- Ensure that the CSOC analysts provide 24x7x365 monitoring and response to cyber events, and ensures any requirements and SLAs are met daily.
- Technical and leadership escalation point for Cybersecurity Operations teams and CSOC as a whole
- Maintain quality control and oversight for Cybersecurity Operations, Threat & Vulnerability management, and operational functions and programs
- Ensure continuity of operations, and conduct appropriate briefings to provide all updates, assignments, training, and uniform compliance.
- Support the development, revision, maintenance, and implementation of Ccybersecurity Operations processes, protocols,programs and systems.
- Ensure proper escalation and communication of cyber events to leadership as required.
- Liaison with SMEs, business groups, the Network Operations Center, threat & vulnerability management stakeholders, and external entities to inquire for information, escalate alerts, and facilitate communication.
- Lead and manage threat and vulnerability incidents, initiatives, programs and engagements end to end
- Mature capabilities of all cybersecurity operations by driving automation, programs, efficiencies, and operational excellence
- Coordinate with other sections in Information Security as needed to support projects, disseminate information, and implement processes supported by the Cybersecurity Operations & the CSOC
- Directly assist in assessing, developing, and maturing the capabilities of the Ccybersecurity Operations team & CSOC - this includes the maturation of people, processes, and technology.
- Provide briefings to leadership, business areas, and external groups.
- Ensure accurate and timely record keeping and reporting, including case management, metrics, daily reports, and executive dashboards.
- Maintain situational awareness of threats and events that may affect the security of business operations and infrastructure.
- Ensure continuity of operations and conduct appropriate briefings to provide all updates, assignments, training, and uniform compliance.
- Contributes to the development and enhancement of business processes and information systems related projects to track and manage Cybersecurity Operations initiatives, programs and capabilities
- Creates and oversees creation, maintenance and compliance of all process documentation, regulatory requirements, and protocols
- Creates and oversees creation, maintenance and compliance of all regulatory reporting requirements, and protocols
- Oversee major projects as designated by the Systems Manager.
- Ensures 24x7x365 support and on-call on a rotating schedule.
- Perform other related tasks and assignments as required.
- Master's Degree And Minimum two (2) years of experience in IT. Or
- Bachelor's Degree And Minimum three (3) years of experience in IT. Or
- Associate's Degree And Minimum 5 years of experience in IT.
- High School Diploma/GED And equivalent technical certifications (e.g. CISSP, CISM, GCIA, GCIH etc.), and 7 years of work experience in IT.
- Bachelor's Degree preferably in Computer Science
Relevant Work Experience
- Must be highly organized and detail oriented Required
- Previous IT experience is required Required
- Knowledge of security tools required Required
- Good understanding of industry standard policy, processes and procedures covering incident, problem and change management is preferred Preferred
- Previous experience in a NOC, Control Center, or CSOC environment is preferred Pref
Skills & Ability
- Strong verbal communication and listening skills
- Ability to lead/manage others
- Possesses flexibility to work in a fast paced, dynamic environment
- Effective interpersonal skills
- Demonstrated analytical skills
- Ability to simultaneously handle multiple priorities
- Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
- Effective interpersonal skills
Licenses & Certifications
- Driver's License Required
- Other: Technical Certifications (e.g. CISSP, CISM, CIPP, Pentest+, etc.) 1 Year Preferred
- Must push, pull, lift up to 25 pounds
- Must sit or stand to answer a phone for entire shift
- Must sit or stand to use a keyboard, mouse, and computer for entire shift
- Must be able to read small print and symbols.
Other Physical Demands
- Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.
Technical Difficulty Statement
Equal Opportunity Employer
Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.