Department Manager, Operational Technology (OT) Cybersecurity Strategy

Con Edison

New York City, NY
Education
Industry
Qualifications
Benefits
Skills
Experience
Special Commitments
Other
Apply
10,000+ Similar Jobs

Mission Statement:

Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.

Benefits:

We are dedicated to supporting the physical, mental, and financial health of our employees and their families. This commitment extends beyond the workplace to foster personal growth and holistic wellbeing. Our life-changing rewards package includes:

  • Rich medical & pharmacy benefits, including vision benefits
  • Dental benefits
  • Health Savings Accounts
  • Health Care and Dependent Care Flexible Spending Accounts
  • 401(k) with robust matching
  • Employer paid Pension Plan
  • Employee Stock Purchase Plan with a generous matching contribution
  • State of the art Employee Assistance Program
  • Paid Parental Leave
  • Generous paid time off plus paid holidays
  • Family support: emergency backup child, & elder care assistance
  • Social responsibility and volunteer opportunities
  • Employee discount program
  • Commuter Benefits
  • Culture of growth and learning: career development; tuition reimbursement; recognition program
  • Life and Long-Term Disability Benefits
  • Please be aware that some benefits may not apply to provisional or part-time job titles.

We are seeking an accomplished and forward-thinking leader to shape, operationalize, and mature the long-term cybersecurity strategy for our Operational Technology (OT) environments. This role is central to safeguarding the resilience, safety, and reliability of the Company's most critical infrastructureincluding SCADA, EMS, DMS, and industrial control environmentswhile enabling modernization, cloud adoption, AI capabilities, operational excellence, and regulatory alignment. The Department Manager, OT Cybersecurity Strategy, will define and drive a 35-year vision that bridges traditional IT security and industrial control system (ICS) operations. The leader will architect a unified OT security strategy, help direct major capital and O&M investments, mature OT governance, and oversee the evolution of core capabilities such as threat detection, vulnerability management, identity and access management, secure remote access, and integrated OT cyber operations. This is a highly visible role that collaborates closely with Cyber Operations, Engineering, Cyber Governance, Risk, and Leadership teams. It requires a strategic thinker with the ability to design a roadmap, influence cross functional priorities, and ensure effective execution across a complex operational landscape.

Core Responsibilities

  • Define and own the multiyear OT cybersecurity strategy and transformation roadmap, ensuring alignment to enterprise Cyber, ETS initiatives, and operational business needs.
  • Develop an OT security operating model that clarifies roles across Cyber Operations, Cyber Engineering, Cyber Governance, IAM, and operational teams.
  • Establish OT specific standards, architectures, and security patterns, including network segmentation, zero trust alignment, cloud adoption considerations, and medium value/critical zone strategies.
  • Partner with leaders across Cyber, OT Operations, Engineering, Risk, and Compliance to drive governance, structured decision making, and program accountability.
  • Influent multiyear capital and O&M budgets, prioritizing investments that deliver measurable improvements in risk reduction, resilience, and operational efficiency.
  • Provide executive level reporting on program maturity, key risk indicators, threat landscape trends, strategic KPIs/OKRs, and regulatory readiness.
  • Manage and lead the selection, deployment, integration, and lifecycle management of OT security technologiesincluding asset management, IDS/behavior analytics, vulnerability management, secure remote access, and threat intelligence platforms.
  • Drive tool consolidation and rationalization across IT and OT where possible to reduce redundancy, streamline processes, and improve incident response.
  • Ensure seamless integration of OT security tooling with SCADA, EMS, and hybrid IT/OT control center environments in a way that does not disrupt operations.
  • Oversee pilot programs and adoption of emerging capabilities
  • Collaborate with Cyber Operations and the OT CSOC to improve monitoring, detection, response workflows, case management, dashboards, and metrics.
  • Lead, manage, mentor, and grow a team of engineers and analysts specialized in OT/ICS security, elevating technical expertise and building a high-performance culture.
  • Advance strong partnerships with Operations, Control Centers, Engineering, Enterprise Architecture, IT Infrastructure, Cyber Governance, and Program Management teams.
  • Embed security early in projects by shaping design requirements, guiding architecture reviews, and influencing operational technology modernization initiatives.
  • Act as a strategic partner to vendors and managed service providers, ensuring SLAs, delivery quality, and technology outcomes align with program goals.
  • Represent OT Cyber in cross functional governance forums, strategic workshops, audits, tabletop exercises, and business planning cycles (MBRs/QBRs).
  • Ensure strategies and implementations align with NERC CIP, NIST CSF, NIST 800-82, DOE and DHS guidance, and utility sector best practices.
  • Oversee internal and external audits, assessments, and regulatory inquiries related to OT cybersecurity systems and controls.
  • Embed risk based prioritization into decision making and governance, leveraging threat intelligence, incident trends, and operational constraints.
  • Partner with Risk, Compliance, and Governance to refine OT metrics, dashboards, KRIs, and maturity assessments for business and executive stakeholders.

Required Education/Experience

  • Bachelor's Degree and 8 years of related work experience or
  • Master's Degree and 6 years of related work experience

Preferred Education/Experience

  • Bachelor's Degree in Engineering, Computer Science, Cybersecurity, or related discipline and 10 years of related work experience in cybersecurity, engineering, or industrial operations.

Relevant Work Experience

  • 6+ years of experience in cybersecurity, engineering, or industrial operations, required.
  • 5+ years dedicated to OT/ICS security, critical infrastructure, or utility operations, required.
  • 3+ years of leadership experience managing teams, complex initiatives, and budgets, required.
  • Deep understanding of ICS/OT security concepts including industrial protocols (Modbus, DNP3, BACnet), Purdue Model architecture, segmentation, and ICS engineering principles, required.
  • Proven ability to translate cyber risk, technical issues, and operational impacts for executive audiences, required.
  • Experience leading multidisciplinary programs with measurable outcomes, including roadmap execution and capability maturation, required.
  • Relevant industry certifications such as GICSP, GRID, CSSA, CISSP, or equivalent ICS/OT focused credentials, preferred.
  • Handson experience with OT visibility platforms (Dragos, Claroty), OT vulnerability management, PAM in OT environments, or modern SOC toolsets, preferred.
  • Experience collaborating on large-scale operational modernization programs, cloud-security initiatives, or hybrid IT/OT architectures, preferred.

Licenses and Certifications

  • Driver's License Required

Physical Demands

  • Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
  • Ability to stoop, bend, reach, and kneel throughout the workday
  • Ability to read small print and symbols

Additional Physical Demands

  • The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
  • Travel as necessary
  • Ability to respond to emergencies during off-hours

EEO Statement:

Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.

Technical Difficulty Statement:

For technical issues, please contact us at careerconnect@coned.com

Read Full Description
Apply
Jobs at Con Edison
Similar Jobs
Confirmed 16 hours ago. Posted 15 days ago.

Discover Similar Jobs

Suggested Articles

Leaving Consulting: The Why, When, How and What For?
The Joy of B-Corps
What is a Unicorn Startup?
Managing a Software Career
Leaving Banking: The Why, When, and How
Write a Resume Like Leonardo Da Vinci