Website Xcel Energy
Join the Security Risk Advisory team within Xcel Energy’s Enterprise Security and Emergency Management (ESEM) department! Senior Security Risk Analysts partner with the business and technology teams to understand Xcel Energy’s technology landscape, assess risks, and oversee risk management processes across the enterprise.
- Assesses and communicates information regarding business risks with functions across the organization.
- Creates, reviews, and maintains Standards & Standard Operating Procedures and other documentation.
- Partners with the business and technology teams to perform risk analysis, document findings and facilitate risk treatment of identified findings and risks.
- Engages with other departments to sustain, improve, and streamline processes with a primary focus on safety, security, quality, delivery, and cost.
- Performs Security Risk Assessments to identify vendor/third party, new initiatives/project risk, and recommends controls ensuring alignment with appropriate standards and frameworks.
- Builds and maintains relationships with business partners, including understanding their specific risk landscape.
- Security or Risk-related certifications (CRISC, CISSP, CISA, etc.)
- Experience working in the Security for an electric utility, NERC, FERC, a region, or state
- Use of quantitative risk assessments methodologies, such as Factor Analysis of Information Risk (FAIR)
- Experience using MITRE ATT&CK framework
- Third Party Security Risk Assessments
- SAP Security
Qualification & Experience:
- Bachelor’s degree or higher with a concentration in computer science, technology, or business, or equivalent combination of education and experience.
- One year of working in Information Technology, may substitute for up to 1 year experience in a security function.
- Two years of experience with risk assessments, audit, or control testing.
- Minimum of 5 years of experience working in security (physical or cyber).
Company: Xcel Energy
Vacancy Type: Full Time
Job Location: Denver, CO, US
Application Deadline: N/A