Skills: IT - Analysis & Management, Risk Management, Security
Other Skills: Information Protection, Cyber Security, IT Audit, NIST, ISO
Experience: 8 + Years
Education: Bachelors/3-5 yr Degree
Location: Minneapolis, MN, US
In order to apply for this position, applicants MUST meet the following criteria. If your resume does not match these criteria, you will not be able to apply for this position.
Located in region: North America
Location(s): CO - Denver; MN - Minneapolis
Are you ready to take your leadership potential to the next level with a growing Fortune 500 company?- Xcel Energy is at the leading edge of an industry that is changing quickly. We-re seeking dynamic, proven leaders to help guide us into this exciting energy future. If you-re looking to lead at a company that is committed to excellence, safety and environmental stewardship, with plenty of room to grow, consider a position at Xcel Energy.
Xcel Energy-s ESS team is responsible for all aspects of security including Cyber, Physical, Enterprise Continuity, Governance and Risk services.- This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in.- Come join this high-energy team in building a best-in-class Cyber Security program tasked with protecting the critical infrastructure Xcel Energy-s customers depend on.
Xcel Energy is hiring a Manager of Security Risk Management to be based out of Denver, CO or Minneapolis, MN. The Manager will direct a staff of approximately 7 individuals (FTE & contractor), guide troubleshooting of obstacles & strategies. Travel will be required within our service territory and to industry events (approximately 25%). The Manager will need to have strong interpersonal and written communication, collaboration, and relationship building skills.
Responsible for developing, implementing and managing the strategy around the Risk Management Frameworks, including Risk Assessments, Risk Scoring and Response, Vendor Risk, Data Privacy and Protection. Primary point of contact in relation to enterprise security risk management. Accountable for maturing risk frameworks and associated governance, and ensuring there is an appropriate security risk posture for the organization. This position will be a leader and influencer in the development of a security culture throughout the enterprise.
- Manages the creation and execution of the Enterprise Security Risk Strategy. Ensures the Enterprise Security Risk program and all related processes and procedures are developed and maintained through continuous improvement as needed. Partners with the Enterprise Security Services leadership and key business area leaders to ensure alignment with security risk frameworks and risk tolerance levels. Work will include relationship building and strategy alignment with senior business leaders to develop and facilitate a security risk model that allows for risk based decision making across the enterprise.
- Manage a dynamic and highly technical team responsible for vendor security, risk assessments, issue remediation and risk communication to key stakeholders.
- Provides regular updates to key stakeholders in the form of security risk metrics and dashboards to communicate risk levels and facilitate risk based decisions.
- Actively and professionally engage business partners in conversations that educate and drive good risk decisions for the enterprise. Facilitate and provide consulting to business partners through thought leadership in Security Risk Management.
- Directs security activities and assessments with 3rd party partners to develop the risk plans, the remediation and ongoing adherence to our risk model.
- Assesses and applies current security trends to internal risk management practices.
- BA/BS with a concentration in computer science, technology, or business or equivalent combination of education and experience.
- At least 8 years experience in the area of IT, Information Protection, Cyber Security, or IT Audit, including at least 3 years experience in a leadership capacity with experience working with business leaders regarding security risk topics.
- Experience utilizing common security frameworks, including but not limited to NIST and ISO.
- Demonstrated ability to develop and present risk information to all levels of an organization.
- Candidate should demonstrate a strong knowledge of security controls, security risk and the ever changing security threat landscape.
- Experience building and leading a high performing team and establishing strong working relationships with business partners.
- Demonstrated ability to work across organizational boundaries, and influence others.
- Ability to define and manage internal projects and milestones, and demonstrated leadership skills.
This position requires a behavioral assessment prior to being considered for an interview.
As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you-re ready to be a part of something big, we invite you to join our team.
Posting Notes:- MN - Minneapolis