Cyber Security Program Manager Job

Xcel Energy

Position Type:
Rqd Education: Certification
Rqd Experience: 5+ years
Date Posted: July 25, 2022
Reference Code: 47743-en_US
Job Grade: S
Hierarchy: No - We can only hire at the posted level
Union Position: Non-Bargaining

Position Summary

Responsible for the program management and oversight of regulatory cyber security initiatives or programs by identifying security risk and compliance solutions. The position provides the leadership and strategic direction using knowledge of cyber security administration, security awareness, interface & systems design, and project management. This job is a senior-skill and managerial level with supervisory responsibility for cyber security staff and contractors. The position provides guidance and direction to employees to support production of high quality, timely and cost-effective technical solutions supporting program development and maintenance, risk management and assessment, and regulatory compliance. This position is responsible for managing security risks and threats by collaborating with other business units, utilities, governmental agencies and security related communities to share information. Apply expert level business and technical acumen while defining security and compliance solutions that deliver best practices for building and monitoring controls for information protection and threat management.

Essential Responsibilities

  • Manage cyber security compliance and risk management for nuclear plant critical systems and digital assets per the following responsibilities:
      • Functions as a point of contact for issues related to nuclear cyber security.
      • Provides oversight and direction on issues regarding nuclear plant cyber security.
      • Initiates and coordinates Cyber Security Incident Response Team (CSIRT) functions as required.
      • Participate in modifications to Plant digital systems and networks to mitigate cyber vulnerabilities.
      • Understand the cyber security implications surrounding the overall architecture of plant networks, operating systems, hardware platforms, plant-specific applications, and the services and protocols upon which those applications rely.
      • Perform cyber security evaluations of digital plant systems.
      • Conduct security audits, network scans, and penetration tests against critical systems as necessary.
      • Stay abreast of emerging technology, architecture and compliance (e.g. NRC, NEI, NERC, NIST) directions while focusing on advanced Cyber Security techniques.
  • Responsible for strategic management of key business unit and external security related relationships to ensure processes and controls are integrated to support company goals and policies for cyber security risk and compliance management. Communicate effectively with senior management, key leadership, business peers, IT peers and vendors to solve business/technical problems and provide technical solutions. Work directly with Business Systems and Nuclear management on escalated security concerns to ensure satisfactory resolution.
  • Execute against the I/T Strategic Plan for assigned business area or technical area of responsibility. Management of activities relative to the business area I/T Plan to include information security, regulatory compliance, compliance against the company's security framework, proactive improvements of risk management and compliance and determination of business and technical requirements for incident response, disaster recovery, availability and fail-over capability or critical systems. Stay abreast of security related risks and impact to the business. Serve as key respondent and facilitator for internal and external security and compliance related audits.
  • Develop risk management or compliance strategies and solutions and conduct planning for the assigned business areas or technical areas of expertise. Lead cross-functional teams to assure that the solutions and plans meet changing business area, customer and competitive requirements. Provide consulting expertise to all stakeholders to ensure plans are integrated into overall business area strategic and operational plans.
  • Develop and leverage key relationships with I/T operational areas and other business operations teams to ensure information risk management and compliance are appropriately prioritized within the overall scope of activities.
  • Provide expert level knowledge and expertise on business processes for assigned business area or areas of technical expertise. Provide internal consulting expertise to key business area customers for information risk management, compliance and other security related expertise supporting information and information systems that support the business functions.
  • Respond to organizational and regulatory initiatives and directives. Must understand and implement necessary controls, procedures, policies or information technology required to support operational objectives.
  • Stay abreast of industry and technology trends and best practices to advise leadership on when to innovate and when to use traditional approaches. Also, keep abreast of current and potential threats and risks for security related information protection and compliance.

Minimum Requirements
  • Bachelor's degree in MIS, Computer Science, Eng. or related or equiv. experience. M.S. desired.
  • At least 5 years cyber security related risk management or compliance experience and nuclear plant experience, or 12 years utility experience including 3 years of compliance or risk management experience (in lieu of IT background), or any combination demonstrating equivalency.
  • Advanced degree may be equiv. to some required work experience.
  • Proven track record of defining business and technical security or compliance solutions.
  • In-depth knowledge of IT systems and nuclear plant systems.
  • Superior communication skills.
  • Proven experience recommending innovative risk management or compliance solutions to support complex business requirements.
  • Superior relationship mgmt., facilitation, project mgmt. and problem solving skills.
  • Strong ability to coach and mentor less experienced team members.
  • Strong knowledge of cyber security threat management and compliance programs.
  • Ability to develop mgmt. style reporting and presentations (e.g., PowerPoint, Excel).
  • CISSP or CISM certification desired.

Competency Band:
  • Operations Management
  • Relationship Management
  • Self Management
  • Strategist
  • Talent Management

Location(s): MN - Minneapolis; CO - Denver
Organization: Strategy Plng and Ext Affairs
Department: 70080:Business Security Risk & Spprt
Schedule: Full-Time

Non-Union jobs will be posted internally for a minimum of 5 business days; after 5 days the job may be unposted at any time.
Union jobs will be posted based on the union agreement.

The anticipated starting base pay for this position is: $100,000 to $142,000 per year

This position may also be eligible for the following benefits and/or pay components: Pay - Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition reimbursement, Transit programs, Employee recognition program, Pension, 401(k) plan, Paid time off (PTO), Holidays, Personal holidays, Volunteer Paid Time Off (VPTO) (full-time employees only), Parental Leave

Recruiter: Lea M Felty
Hiring Manager: Matthew W Light

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com

About this Employer

As a leading electric and natural gas energy company, we offer a comprehensive portfolio of energy-related products and services to 3.4 million electricity customers and 1.9 million natural gas customers across our eight states: Colorado, Michigan, Minnesota, New Mexico, North Dakota, South Dakota, Texas and Wisconsin.

Our workforce of more than 12,000 is rising to the challenge of a dynamic, constantly-changing utility industry. One that requires us to be even more customer focused, forward thinking and productive while remaining committed to meeting our customers’ fundamental need for safe, reliable, affordable energy.

With nearly 50% of our workforce eligible to retire in the next five years, there’s never been a better time to come on board. Do you have a passion for renewable energy, like wind or solar? Or care about giving back to the community? You’ll be in a position to directly impact our energy future.

At Xcel Energy, you’ll be challenged, respected and rewarded. You’ll find an ethical team committed to excellence, safety and environmental stewardship. A dynamic company where you’ll have meaningful work that makes a difference.