Senior Director, Information Security at JEA (Jacksonville Electric Authority)
JEA (Jacksonville Electric Authority) · Jacksonville, United States Of America · Onsite
- Senior
- Office in Jacksonville
The Senior Director, Information Security provides strategic leadership and direction for JEA's enterprise information security program. Reporting to the Chief Information Officer (CIO), this role is responsible for establishing and advancing the organization's security strategy, governance, and risk management framework and practices. The Senior Director ensures alignment of security initiatives with JEA's technology roadmap and business objectives while overseeing the effective execution of security operations. This role serves as the CIO's key advisor on matters of information security risk, resilience, and regulatory compliance, including NERC CIP, PCI, FACTA, and other regulatory frameworks.
- Oversees the information security environment, implementing standards-based programs, developing policies and guidelines, assessing information technology controls, and leading associated initiatives.
- Advises the CIO and other senior JEA leaders on cyber risks, regulatory obligations, emerging technologies, and security investments.
- Provides strategic leadership in defining and executing a continuous improvement roadmap for the security program, using key performance indicators and reporting to optimize effectiveness and drive results.
- Reports to JEA Board of Directors and senior management on information security program performance, including awareness initiatives, incidents, and advancing information security trends.
- Stays abreast of information security issues and trends, emerging security solutions, and regulatory changes, ensuring alignment with organizational objectives.
- Leads the development, execution, and advancement of JEA's enterprise information security program, including policies, standards, governance, and regulatory requirements.
- Oversees incident response, threat detection, and risk mitigation activities across IT and integrated OT environments, ensuring effective coordination and reporting.
- Ensures compliance with applicable standards and regulations (e.g., NERC CIP, FERC, HIPAA) and leads IT Security response for regulatory activities, including root cause analysis and mitigation plan development.
- Provides senior leadership with regular, strategic updates on the organization's security posture, incidents, trends, and program maturity.
- Collaborates with internal stakeholders (e.g., audit, compliance, legal) to assess risk, implement controls, and strengthen enterprise risk management practices.
- Provides strategic oversight of vendor and third-party risk assessments, ensuring secure and compliant external partnerships.
- Conducts, supports, and/or directs security awareness initiatives, including phishing and social engineering simulations, fostering a proactive culture of accountability.
- Manages security-related budgets and resources, advancing staff development and performance.
- Develops business cases, including cost-benefit analysis and Requests for Proposal (RFP), to support related technologies, initiatives, and programs.
- Provides leadership and example in meeting JEA's safety and wellness goals.
- Performs other job-related duties as assigned.
- Valid driver's license (must be maintained during employment)
- ISACA CISM (Certified Information Security Manager)
- ISACA CRISC (Certified Risk and Information Systems Control)
- ISC2 CISSP (Certified Information System Security Professional)
| PHYSICAL REQUIREMENTS | | | |
|---|---|---|---|
| Sitting | Up to 8 hours per day | Lifting | Up to 2 hours per day |
| Walking | Up to 5 hours per day | | Up to 50 max. pounds** |
| Standing | Up to 3 hours per day | Pushing | Up to 1 hour per day |
| Bending | Up to 3 hours per day | | Up to 50 max. pounds** |
| Squatting | Up to 2 hours per day | Pulling | Up to 1 hour per day |
| Stooping | Up to 2 hours per day | | Up to 50 max. pounds** |
| Reaching | Up to 2 hours per day | Climbing | Up to 1 hour per day |
| Balancing | Up to 1 hour per day | Stairs | Up to 1 hour per day |
| Twisting | Up to 1 hour per day | Ladder | Will not generally apply |
| Crawling | Up to 1 hour per day | Stepstool | Up to 1 hour per day |
| Kneeling | Up to 1 hour per day | Excessive heat | Up to 5 hours per day |
| Typing | Up to 5 hours per day | Excessive cold | Up to 1 hour per day |
| Data Entry | Up to 5 hours per day | Dust | Up to 1 hour per day |
| Humidity | Up to 5 hours per day | | |
| Loud Noise | Up to 1 hour per day | | |
| Hands in Water | Will not generally apply | | |
| Unusual hearing or vision demands: | None | | |
| Other physical demands or notes: | **JEA employees should not attempt to lift, pull or push a load more than 50 lbs. without assistance. Care should always be taken when lifting, pushing or pulling in an awkward position. | | |