Power Industry Jobs

The most used job board by electric power industry professionals.

Sr. Governance & Controls Security Analyst Job

Xcel Energy

Location:
Position Type:
Rqd Education: Certification
Rqd Experience: 5+ years
Date Posted: December 5, 2022
Reference Code: 53133-en_US

Location(s): MN - Minneapolis; CO - Denver

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you're looking for.

Position Summary

Significant contributor to the security governance and control program focused on security policies and standards, Technical Control Governance, training and awareness, and metrics and reporting. Technical Control Governance involves the development and evaluation of security controls, self-assessments, spot-checks, risk identification, process gaps, and process alignment. Partners across the security organization, as well as other business areas, to facilitate the adoption of security controls driven by risk-based decision making. Contributes to the organizational continuous improvement program, driving consistency and quality across the organization.

Essential Responsibilities
 

  • Significant contributor to the security governance and control program focused on security policies and standards, Technical Control Governance, training and awareness, and metrics and reporting. Technical Control Governance involves the development and evaluation of security controls, self-assessments, spot-checks, risk identification, process gaps, and process alignment. Partners across the security organization, as well as other business areas, to facilitate the adoption of security controls driven by risk-based decision making. Contributes to the organizational continuous improvement program, driving consistency and quality across the organization.
  • Participate in the review and update cycle for security policies, standards, and controls. Engage with subject matter experts to address new requirements and emerging business needs in a secure manner.
  • Participate in the development and implementation of the security awareness program. Develop and deliver training and awareness content to educate the business about the Technical Control Framework and other programs originating from Security Governance and Risk Services.
  • Compile and review output from the Technical Control Governance program. Collaborate with team members to analyze information and formulate recommendations and reports for management review and decision making.


Minimum Requirements

 

  • BA/BS degree (or higher)
  • Minimum of 5 years of progressive experience in security and IT or OT related fields.
    • Two years of experience with control testing, security standards/policy implementation, security audits, or security risk management. One year of working in a Governance, Risk & Compliance (GRC) function in a highly regulated environment (e.g. Financial) may substitute for up to 18 months experience.
  • Self-starter; adaptable to change.
  • Ability to set and achieve personal and program goals, and to track performance against those goals.
  • Ability to work effectively across the organization, establishing positive working relationships, and building trust.
  • Applies sound judgment and creativity to solve complex problems.
  • Strong verbal and written communication skills.
  • Demonstrated ability to create documentation for technical and non-technical audiences.


Preferred Skills:

 

 

  • Experience in one or more of the following areas: network administration, systems administration, SDLC /secure soft, encryption, asset management, identity and access management, IT Operations, Security Risk Management.
  • Certification in one or more of the following: CISM, CISA, CRISC, CISSP.
  • Experience using a GRC tool (i.e. Archer).
  • Knowledge of regulatory requirements/frameworks such as PCI, CIP, SOX, HIPPA, ISO, NIST, COBIT, or Cyber Security Framework (CSF).
  • Project Management, Program Development, and/or Technical writing experience preferred.

 


Xcel Energy is committed to the safety of its employees and customers, and promotes a Safety Always culture. Because of this, we strongly encourage all employees to be fully vaccinated against COVID-19; however, vaccination is not mandatory. After being hired, you will asked to report your vaccination status and dates of vaccination. This information will be maintained confidentially and disclosed only on a need-to-know basis. If you are not fully vaccinated or choose not to disclose your vaccination status you will be required to follow any health-and-safety rules applicable to unvaccinated employees.

As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you're ready to be a part of something big, we invite you to join our team.

Posting Notes: MN - Minneapolis || MN - Minneapolis; CO - Denver || United States (US) || Strategy Plng and Ext Affairs || 56130:Security Strategy & Compliance || Full-Time || Non-Bargaining ||

The anticipated starting base pay for this position is: $79,000 to $113,000 per year

This position may also be eligible for the following benefits and/or pay components: Pay - Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition reimbursement, Transit programs, Employee recognition program, Pension, 401(k) plan, Paid time off (PTO), Holidays, Personal holidays, Volunteer Paid Time Off (VPTO) (full-time employees only), Parental Leave

Click here to see our benefits

Requisition Number: 53133
All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com

 

About this Employer

As a leading electric and natural gas energy company, we offer a comprehensive portfolio of energy-related products and services to 3.4 million electricity customers and 1.9 million natural gas customers across our eight states: Colorado, Michigan, Minnesota, New Mexico, North Dakota, South Dakota, Texas and Wisconsin.

Our workforce of more than 12,000 is rising to the challenge of a dynamic, constantly-changing utility industry. One that requires us to be even more customer focused, forward thinking and productive while remaining committed to meeting our customers’ fundamental need for safe, reliable, affordable energy.

With nearly 50% of our workforce eligible to retire in the next five years, there’s never been a better time to come on board. Do you have a passion for renewable energy, like wind or solar? Or care about giving back to the community? You’ll be in a position to directly impact our energy future.

At Xcel Energy, you’ll be challenged, respected and rewarded. You’ll find an ethical team committed to excellence, safety and environmental stewardship. A dynamic company where you’ll have meaningful work that makes a difference.