Avantus ยท 1 day ago
Sr. Manager, Cybersecurity
San Diego, CA
Full-time
Onsite
Senior Level, Lead/Staff
$173K/yr - $204K/yr
10+ years expAvantus develops and operates utility-scale clean energy projects across California and the Desert Southwest. The Sr. Manager, Cybersecurity is responsible for leading the IT Cybersecurity function to ensure scalable cybersecurity protection for the business and its operational power facilities, managing incident responses, compliance, and collaboration with IT leadership and external partners.
CreditFinancial Services
Responsibilities
Key responsible owner to maintain and improve the efficacy of our IT cybersecurity solutions, controls, procedures, and policies that support the security posture of the company
Key responsible owner to respond to cybersecurity incidents, delegating investigation analysis and response to internal and external resourcing, as appropriate. Escalate incident response to leadership according to incident response plans, as appropriate
Drive solutions implementations and systems changes, with the help of internal IT support staff and external consultants, as necessary. Organize and manage projects and the required resources from start to finish
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to continually develop the strategy and trajectory of the broader IT department and the systems that support the company
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to execute cybersecurity solution implementations and special projects in support of the broader maturity and scaling of the IT cybersecurity program and its supporting systems
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to develop controls, standards, best-practice, policy, and process that will streamline cybersecurity operations and help protect the business as we scale
Lead the continued development and maturity and accuracy of security incident and event management (SIEM) systems, vulnerability management, security analytics, incident response, and other cybersecurity operational systems
Work closely with the Vice President of Information Technology & Security, as well as other IT staff, to strategically support broader IT infrastructure, systems, and cybersecurity initiatives
Generate and maintain project trackers, reports, or dashboards as helpful and efficient to support the team. Collaborate with IT and business stakeholders to deliver to longer-term projects, successfully documenting and executing change plans, and executing rollouts of cybersecurity systems and features in line with IT department and company goals
Stay on top of industry trends and new technologies as applicable and relevant to the business, including by leveraging access to various cybersecurity industry subscriptions, community networks, conferences and events, training platforms, and other resources, as supported by the company
Mentor and provide collaborative cybersecurity guidance to IT team members and business stakeholders
Work closely with the Vice President of Information Technology & Security, as well as other IT staff and external resources, to ensure compliance with and continual improvement to applicable control standards and compliance and risk-management frameworks, for corporate and power generation project entities. Maintain and update risk registers and control remediation reporting for executive audiences
Drive the development and ongoing maintenance of high-quality and consistent cybersecurity training resources, documentation, and runbooks. Work with IT staff to maintain up-to-date cybersecurity resources on the company Intranet and knowledge bases
Drive the enhancement of both the quality and frequency of cybersecurity trainings and communications to the business, including templatized notifications, targeted trainings, table-top exercises, and standardized incident responses
Monitor security operations and logging dashboards, as well as alerts to triage and escalate security incidents, with the ability to delegate to other IT team members or external resources as appropriate
In collaboration with other senior IT team members, assist in the recurring audit responsibilities to maintain cybersecurity controls validation and remediation tracking
In collaboration with cybersecurity consulting and solutions partners, as applicable, maintain features and functionality of cybersecurity solutions in a manner consistent with the needs of the business
Oversee a risk-prioritized recurring testing program to validate effectiveness of security controls across the environment
Proactively recommend improvements to controls to address security gaps and oversee the implementation and validation of approved recommendations
Contribute to and influence the development, implementation, monitoring, and iteration of AI Governance & Enablement strategies for the business
Maintain and keep up-to-date external cybersecurity solutions support and service level agreements and provide recommendations for improvements where applicable
Maintain and keep up-to-date licensing support agreements for cybersecurity systems. Assist with software renewals, license audits and cost governance, and upkeep of contract deadlines and vendor contact details within IT systems of record
Adhere to responsible change management, documentation, and business continuity best-practice and process in coordination with and in support of all team members
Work collaboratively with other IT team members, internal Avantus resources and stakeholders, and external IT solutions partners as one team to solve problems and develop solutions in support of our team and our business
Qualification
Required
10+ years in IT security roles, ideally 5+ years specifically in cybersecurity leadership positions and/or managing IT Cybersecurity Operations and corresponding functions for the enterprise
Proven experience developing and implementing enterprise security programs
Direct experience with NERC CIP Compliance standards and controls a strong plus
Direct experience managing a program adhering to at least one leading industry-standard cybersecurity control framework is a requirement. Experience specifically with CIS, NIST, ISO or other frameworks a strong plus
Proven experience implementing, administering, and supporting the enterprise cybersecurity cloud application and infrastructure stack
Explicit experience securing Microsoft and AWS cloud infrastructures
Skilled in incident response investigation analysis, cross-functional team triage, containment, recovery, post-incident review and root-cause analysis
Security mindset and dedication to best-practice and continual improvement
Service oriented, collaborative, and solution-driven mindset first and foremost
Strong communication skills, attention to detail, and ability to self-organize while parallel-processing and driving projects to completion
Experience with standard principles and practices of project management and budget development, work planning and organization
Preferred
Cybersecurity Certification such as CISSP, CISM, CCSP, or other equivalent certification highly preferred
Explicit experience implementing AI governance for the enterprise is a strong plus
Benefits
401(k) matching
Comprehensive medical and dental plan options
Flexible PTO
Company
Avantus
Avantus develops, owns, and operates utility-scale clean energy projects across California and the Desert Southwest.
51-200 employees
H1B Sponsorship
Avantus has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (4)
2023 (4)
Funding
Current Stage
Growth StageLeadership Team
Tom Buttgenbach, Ph.D.
Founder & CEO
Stephanie Perry
Chief Operating Officer
Recent News
2025-05-28
Company data provided by crunchbase