Calpine Corporation is America's largest generator of electricity from natural gas and geothermal resources with operations in competitive power markets. Its fleet of 76 power plants in operation and one under construction represents nearly 26,000 megawatts of generation capacity. Through wholesale power operations and its retail businesses, Calpine serves customers in 22 states, Canada and Mexico. Its clean, efficient, modern and flexible fleet uses advanced technologies to generate power in a low-carbon and environmentally responsible manner.

The company was established on the premise that a strong commitment to the environment is inextricably linked to excellence in power generation and corporate responsibility. Since its founding in 1984, Calpine has led the power industry in its unwavering commitment to environmental stewardship. In addition, its renewable geothermal plants use steam generated deep below the earth's surface to produce clean, renewable electricity.

Job Summary (includes but is not limited to the following, other duties may be assigned)

The Information Security Senior Advisor is primarily responsible for executing the cybersecurity incident response lifecycle in conjunction with the team, managing systems and processes owned by the cybersecurity team, and validating/maturing the efficacy of all systems and processes that have a significant impact on the cybersecurity posture of the company.

The Information Security Senior Advisor possesses a strong technical background and understands risk mitigation and technical controls in some combination of the following areas: incident response, Information Security Risk Management (ISRM), secure architecture, identity, business continuity, end-point security, SIEM, web security, email security, and vulnerability management.

This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. The Information Security Senior Advisor also contributes to the company IT security strategy and roadmap.

Job Responsibilities

• Investigate, analyze, and respond to cybersecurity incidents.
• Manage and mature technologies and processes owned by the cybersecurity team including those used for web filtering, end-point protection, incident response, email security, and security awareness.
• Execute and mature processes that have a significant impact on cybersecurity including incident response, Information Security Risk Management (ISRM), secure architecture, identity, business continuity, end-point security, SIEM, web security, email security, and vulnerability management.
• Analyze current computer systems and procedures, and design information systems solutions to help the organization operate more securely, efficiently, and effectively. Bring business and information technology (IT) together by understanding the needs and limitations of both.
• Assess systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
• Analyze technologies and establish highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.
• Lead security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technologies into the organization.
• Support automation and orchestration to maximize team talent and reduce routine tasks.
• Lead by example to create a culture where employees want to work.
• Mentor security team and places a heavy emphasis on employee retention - people, first.
• Recommend necessary changes to the information security team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Stay abreast of the security industry threat landscape, specifically within the company's industry.
• Recognize personal developmental needs and be proactive in obtaining the coaching, networking, and training needed to ensure continued success in the position.
• Create a working environment that is conducive to two-way communication, teamwork, and learning.
• Support the organization, the management team and executive leadership team, even during times of adversity.
• Utilize open communication to ensure the standards, expectations and goals of the organization are respected and upheld.
• Acts as a change agent and drive the department and business forward using effective analysis and strategic skills.
• Assumes responsibility for other duties as required or assigned.

Job Requirements

• Bachelor's degree in computer science, information assurance, Management Information Systems (MIS) or related field, or equivalent.
• CISSP, CISM, GIAC certifications preferred
• Preferably 10+ years of technical hands-on security experience.
• Hands on technical experience with some combination of security solutions MS Windows Defender, MS Exchange Online Protection, MS Azure Security Center, MS Active Directory, Cisco Umbrella, Tanium, Cisco firewalls, Fortinet firewalls, Splunk, MS Azure Sentinel or Rapid 7
• In-depth knowledge of some combination of security standards and frameworks such as NIST, NERC CIP, TSA Pipeline, PCI, and SOX.
• Experience with cloud security and DevSecOps.
• Demonstrate strong written and oral communication skills.
• Demonstrate solid organizational skills and the ability to multi-task and prioritize workload.
• Demonstrate excellent judgment and the ability to make quick decisions and think outside the box when working with complex situations.
• Demonstrate a high level of flexibility.
• Is forward thinking and possesses business acumen.
• Possesses a high level of integrity, trustworthiness, and confidence, and represent the company and its management team at the highest level of professionalism.
• Demonstrate strong analytical skills and is effective at interpreting and applying applicable regulation.
• Work effectively with a variety of personalities and can adapt approach to effectively reach and mentor the team. Use this skill as well as functional knowledge to both earn and maintain a high level of credibility with the team.

Additional Calpine Information

• Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.
• Calpine is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to . Determination on requests for reasonable accommodation are made on case-by-case basis.

Please view Equal Employment Opportunity Posters provided by OFCCP here