CPS Energy

We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve. Together, we are powering the growth and success of our community progress every day!

Position Summary

The Mgr Security Administration will report to the Technology Group Lead for the ERP Transformation Program. The individual is responsible for partnering with CPS Energy’s Security Organization to manage and maintain the security posture of an organization's Oracle Cloud ERP system, ensuring user access controls, data protection network security and compliance configurations, with security policies by utilizing Oracle Cloud's security features like identify Cloud Service, Cloud Guard and Vault to protect sensitive data and application within the cloud environment. 

Key responsibilities include overseeing the implementation and continuous monitoring of user access controls, data protection measures, network security protocols, and compliance configurations to ensure alignment with organizational security policies and regulatory requirements. The role requires leveraging advanced Oracle Cloud security tools to protect sensitive data, secure application environments, and proactively address potential vulnerabilities.

This role requires both technical expertise and a strategic approach to ensure organizational resilience and data integrity.

Grade: 18

Deadline to apply: 2/8/2025

Tasks and Responsibilities

Value Creation:

• Collaborate with the Security team for a comprehensive security strategy tailored to the ERP Oracle Cloud system, aligning with the company’s overall business objectives and compliance requirements.
• Identify and evaluate potential security risks associated with the ERP implementation. Propose and deploy mitigation strategies to safeguard data integrity and system availability.
• Manage multi-factor authentication (MFA) policies and configurations, Data Masking and redaction techniques to safeguard sensitive information.
• Guide to implement security controls to meet industry compliance requirements (HIPAA, PCI, NERC, CIP).
• Assist to develop & implement Governance, Risk & Compliance (GRC) framework for the organization.

Business Operations:

• Coordinate with the ERP Implementation Partner, Security team and all stakeholders to integrate security features seamlessly into the ERP system. 
• Work with the Security team enforce security policies and procedures, including user access controls, data protection, and system monitoring.
• Establish and monitor key performance indicators (KPIs). Provide regular reports and updates on the security posture and incident trends of the program.

People Development:

• Lead and mentor a team of security professionals, providing guidance and support to ensure effective execution of security tasks and initiatives.
• Develop and deliver training programs to educate employees on ERP security best practices and policies. Foster a culture of security awareness across the organization.
• Work closely with other departments, including IT, compliance, and operations, to ensure integrated security approaches and effective communication on security matters.
• Identify skill gaps within the team and recommend training or hiring strategies to address these needs, ensuring the team remains proficient in current security technologies and practices.

Minimum Skills

Minimum Knowledge and Abilities

Significant experience in security management or administration, with a focus on ERP systems.

One or more of the following relevant certifications:

OCI (Oracle Cloud Infrastructure) 2023 Certified Security Professional

Oracle Financials Cloud: Security Certification Implementation Specialist

And one or more of the following relevant certifications:

CISSP (Certified Information Systems CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

Proven experience in managing security risks, developing security policies, and overseeing large-scale ERP implementations.

Preferred Qualifications

Master’s degree in Information Security, Business Administration, or a related field.

Advanced or additional certifications:

• CEH (Certified Ethical Hacker)
• CRISC (Certified in Risk and Information Systems Control)
• PMP (Project Management Professional)
• Oracle Identity Management Certifications
• GIAC Security Essentials (GSEC)
• GIAC Certified Enterprise Defender (GCED)
• Certified Business Continuity Professional (CBCP)
• CISA (Certified Information Systems Auditor)
• CCSP (Certified Cloud Security Professional)
• NERC-CIP (North American Electric Reliability Corporation – Critical Infrastructure Protection)
• ISO 27001 Lead Implementer or Lead Auditor

Demonstrated ability to manage cross-functional teams, expertise in regulatory compliance specific to the energy sector, and experience with major ERP platforms (e.g., SAP, Oracle).

Competencies

Acting Decisively

Resolving Conflict

Delivering High Quality Work

Driving for Results

Developing Talent

Setting a Strategic Vision

Minimum Education

Bachelor’s degree in Information Security, Computer Science, or a related field.

Required Certifications

Working Environment

Indoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi-functioning printer and calculator.

Ability to travel to and from meetings, training sessions or other business related events.

Physical Demands

Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body.

Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations.

Read Full Description