Xcel Energy Security Analyst - Governance & Controls Job in Minneapolis, Minnesota
Job Grade: P
Hierarchy: No - We can only hire at the posted level
Union Position: Non-Bargaining
During COVID-19 Pandemic this position may require the ability to temporarily work remote within the company service territory until company protocol dictates return to the office criteria has been met.
This position can be based in Minneapolis, MN, or Denver, CO. Only local candidates will be considered.
Responsible for the development and maintenance of the Enterprise Security and Emergency Management policies and , standards, communication and awareness, and metrics and reporting. Interface with the enterprise security organization, including cyber security, physical security, and enterprise resilience, as well as across other business areas, to assess organizational alignment to security controls.
Engage in control assessment activities with Enterprise Security and the business, addressing a range of security and regulatory requirements that are both technical and functional in nature.
Lead the development, review and update cycle for security policies, standards, and controls.
Participate in the development and implementation of communication and awareness.
Minimum of 3 years of progressive experience in security and IT or OT related fields.
Two years of experience with control testing, security standards/policy implementation, security audits, security risk management, or a technical security function.
One year of working in a Governance Risk Compliance (GRC) function in a highly regulated environment (e.g. Financial) may substitute for up to 18 months experience.
Self-starter; adaptable to change; inquisitive.
Ability to set and achieve personal and program goals, and to track performance against those goals.
Ability to develop positive working relationships, and work across different areas of the business.
Can make connections and sound decisions based on known information.
Strong verbal and written communication skills.
Demonstrated ability to create documentation for technical and non-technical audiences.
Preferred Skills and Experience
Experience in one or more of the following areas: network administration, systems administration, SDLC / secure soft, encryption, asset management, identity and access management, IT Operations, Security Risk Management.
Certification in one or more of the following: CISM, CISSP, CISA, CRISC, Security+, CISSP.
Experience using a GRC tool (i.e. Archer).
Knowledge of regulatory requirements and frameworks such as PCI, CIP, SOX, HIPPA.
Working knowledge of one or more control frameworks, including ISO, NIST, COBIT, or Cyber Security Framework (CSF).
As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you’re ready to be a part of something big, we invite you to join our team.
Posting Notes: MN - Minneapolis || CO - Denver; MN - Minneapolis || United States (US) || Customer And Innovation || 70080:Security Governance & Risk Svc || Full-Time || Non-Bargaining ||
The anticipated starting base pay for this position is: $62,700 to $89,033 per year
Click here (https://jobs.xcelenergy.com/content/Total-Rewards/?locale=en_US) to see our benefits
Requisition Number: 26581
Equal Opportunity Employer: Minority/Female/Disability/Veteran
Individuals with a disability who need an accommodation to apply please contact us at firstname.lastname@example.org