Skills: Facilities Management, Risk Management, Security
Other Skills: Risk and Compliance (GRC), CISM, CISSP, CISA, CRISC, ITIL Foundations, Six Sigma, PMP
Experience: 5 + Years
Education: Bachelors/3-5 yr Degree
Location: Denver, CO, US
In order to apply for this position, applicants MUST meet the following criteria. If your resume does not match these criteria, you will not be able to apply for this position.
Located in region: North America
Xcel Energy-s ESS team is responsible for all aspects of security including Cyber, Physical, Enterprise Continuity, Governance and Risk services. This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in.- Come join this high-energy team in building a best-in-class Cyber Security program tasked with protecting the critical infrastructure Xcel Energy's customers depend on.
We are hiring a Senior Security Analyst, Security Governance to be based out of Denver, CO or Minneapolis, MN.
The Senior Analyst will regularly interface and lead meetings with stakeholders and meet with other departments to discover and implement ways to enhance processes. The successful applicant will need to have experience in six-sigma, business analysis, and/or governance processes. The ability to build rapport and maintain relationships will be a must along with strong interpersonal communication skills. Soft skills needed to be successful in the Senior Analyst role include being a self-starter, interpersonal communication skills, and the ability to build rapport and maintain relationships.
Driver and key contributor in the development of an enterprise Governance, Risk and Compliance (GRC) Program. Develops new standards and controls as dictated by the needs of the organization. Supports the entire Enterprise Security Services management team in the area of governance and process analysis and improvement. Partners across the Enterprise Security Services organization and key business areas to facilitate alignment with security governance practices and compliance with corporate policies and standards, and control frameworks. Work will include relationship building with senior business leaders to facilitate a governance process that allows for risk based decision making. Responsible for an organizational continuous improvement program, including the development of processes and procedures to drive consistency and quality across the organization.
- Develops a holistic view of the organization, with a comprehensive understanding of processes, procedures, tools, and technologies through development of key stakeholder partnerships.
- Collaborates with key leadership to develop and execute Security Governance Strategy by defining, developing and facilitating risk-based Governance processes.
- Defines, builds, implements and evaluates Security Services Process Model.
- Compiles, reviews, and analyzes security information to formulate recommendations and reports for management review and decision making.
- Facilitates and champions a continuous improvement program for security procedures.
- Leads governance processes for key Security Services. Monitors and adjusts security services protocols to mitigate risk. Drives requirements around the development, tracking, and reporting of organizational metrics.
- Bachelor's degree
- 5+ years of industry specific experience or experience in a security-related field.
- Proven success developing and driving strategy within an organization, and translating strategy and concepts into actionable plans; ability to positively impact organizational change. Solid knowledge of process improvement concepts and techniques.
- Ability to work effectively across the organization, establishing positive working relationships, and building trust. Applies sound judgment and creativity to solve complex problems. Ability to excel in a rapidly changing environment and be comfortable working through obscurity. Strong verbal and written communication skills, with the ability to bridge terminology gaps between organizations; strong presentation and reporting skills. Demonstrated ability to write effective process and procedure documentation. Knowledge of Governance, Risk and Compliance (GRC) tools.
- Master Degree preferred.
- Certification in an area such as CISM, CISSP, CISA, CRISC, ITIL Foundations, Six Sigma, PMP
- Experience with GRC tools (i.e. Archer)
- Experience with regulatory requirements and control frameworks such as PCI, CIP, SOX, HIPPA