It might seem a bit late to fill the job, but Colonial Pipeline had been looking for a cyber security manager weeks before the ransomware attack. Too bad it didn’t find one.

The company last week suffered one of the highest profile ransomware attacks ever, which shut down a vital artery used to get gasoline and jet fuel from the nation’s Gulf Coast refineries to East Coast distribution points.

posting on the company’s careers web site for the cyber security manager job said the position has been open for more than 30 days.

A statement from Colonial Wednesday said that “the cybersecurity position was not created as a result of the recent ransomware attack.” The company added that it has “several positions open as part of our longer-term growth strategy around talent, as we are constantly recruiting top-tier talent across all functional areas of our business. The position to support cyber security would be an example of that. This is a role that we have been looking to add in an effort to continue building our current cyber security team.”

The job’s responsibilities include “managing a team of cyber security certified subject matter experts and specialists,”as well as leading “the development of the enterprise strategy for cybersecurity.” The posting further states that the selected candidate, “will oversee the development of standards and processes for cyber security; lead the recovery from security incidents; and guide forensics of incidents.”

The company is looking for “someone who has an understanding of emerging security threats in order to design security policies and procedures to mitigate threats where possible,” the posting said.

Job requirements include a bachelor’s degree in computer science, information security, or a related field. Colonial also is looking for someone with “ideally 5+ years of technical experience in the information security field and in addition, ideally 5+ years of practical experience in an incident response role,” said the posting. But it would prefer the job candidate have a masters degree and at least eight years of experience.

The posting was not only on the company’s web site — which itself was offline during part of the day Tuesday. It also was listed on numerous outside job search sites such as Indeed.com, ZipRecruiter and Glassdoor for more than 30 days, as well as some other sites where it appeared to be a new listing as of this week.

The Colonial Pipeline has returned to operations following a cyberattack that snarled gas supply for the eastern U.S. for days, according to Energy Secretary Jennifer Granholm.

“Following this restart, it will take several days for the product delivery supply chain to return to normal,” Colonial Pipeline said in a statement. “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period.”

“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” the statement added.

Hackers had demanded millions in ransom money – which the pipeline operator refused to pay, enlisting help from the Department of Energy, as well as federal, state and local authorities instead. Earlier this week, the company had resumed partial operations under manual control, according to a Wednesday statement from Deputy Energy Secretary Dave Turk.

Source