Manager, Cyber Security

Highlights of the job

The OT Cybersecurity Manager plays a key leadership role in protecting the systems that keep EPCOR’s water and wastewater operations safe, reliable, and resilient. You’ll guide the development and execution of our OT cybersecurity strategy, evaluate SCADA and network environments against leading industry standards, and represent the U.S. Business Unit in enterprise cyber governance. You’ll oversee the design and lifecycle of critical security technologies, provide hands‑on support when needed, and lead contractors and partners who help deliver major initiatives.

You’ll also mentor a talented team of Cybersecurity & Network Engineers and collaborate closely with Operations, Maintenance, and Instrumentation & Controls to strengthen our security posture. This role directly supports EPCOR’s commitment to delivering essential services to the communities we serve, ensuring our systems remain secure, dependable, and future‑ready.

• Lead the operational technology (OT) cybersecurity program and team responsible for the performance and security of computer systems and data communication networks that enable reliable operations at our water and wastewater facilities.
• Lead the development, implementation, and maintenance of OT cybersecurity programs including vulnerability management, disaster recovery, incident response, access management, and auditing and reporting.
• Evaluate OT networks and supervisory control and data acquisition (SCADA) systems for alignment with the NIST Cybersecurity Framework (CSF), AWWA Cybersecurity Guidance, and other regulatory requirements or relevant standards through internal and third party assessments. Act as one of the representatives for the US Business Unit on EPCOR cyber governance teams.
• Oversee the design, installation, and evergreen refresh for systems and toolsets such as firewalls, centralized log management (SIEM), hypervisors, endpoint protection, and network anomaly monitoring. Provide direct administration and support of these systems when necessary including travel to work sites to review work quality or assist in implementation. Manage contractors for projects or ongoing services including scoping and bidding of work.
• Lead and manage the work of Cybersecurity & Network Engineers, and act as a subject matter expert for cybersecurity & networking standards and industry best practices. Coordinate collaboration with the Instrumentation & Controls team on projects and educate on best practices. Identify development opportunities such as industry conferences, training courses, and online resources.
• Assist the SCADA & Controls Group Director with planning, managing, and delivering the capital project budget for SCADA & Controls. Work with team members or draft own capital project submittals. Identify potential roadblocks to project execution and proactively mitigate these where possible.
• Coordinate resources for system support with Operations and Maintenance teams to ensure that process control systems continue to meet operational requirements efficiently and reliably.

• Associates or higher degree in Computer Science, Information Technology, Engineering, Industrial Automation or equivalent experience in lieu of degree required.
• Requires advanced computer and networking knowledge including an understanding of the OSI model and IP networking, Microsoft Windows Server and Active Directory management, and firewall policy and VPN configuration.
• Capable of directing contractor work and managing projects from conception through completion.
• This role will have supervisory responsibilities and will serve as a mentor and resource to OT Cybersecurity & Network team members.
• Able to direct and review network and server administration by others. Knowledge of industrial control system (ICS) security standards including the NIST CSF, NIST SP 800-53 and 800-82, or ISA/IEC 62443 is preferred.
• Familiarity with ICs systems and concepts including Allen‑Bradley PLC systems, the Purdue model and industrial DMZ architecture, and OT network monitoring systems such as Dragos, Claroty, or Nozomi is required.
• Five (5) or…