Share this Job

Senior Security Risk Analyst Job

Location(s): CO - Denver; MN - Minneapolis; TX - Amarillo; WI - Eau Claire

 

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you’re looking for.

 

 

Position Summary

Join the Security Risk Advisory team within Xcel Energy’s Enterprise Security and Emergency Management (ESEM) department! Senior Security Risk Analysts partner with the business and technology teams to understand Xcel Energy’s technology landscape, assess risks, and oversee risk management processes across the enterprise. Most risk management activities are focused on cyber risk but ESEM is responsible for both physical and cyber risks and managing risks from all-hazards. Depending on the team, analysts may focus on enterprise IT, operational (including industrial control systems), or nuclear business units.

 

This position can be filled out of one of the following locations: Denver, CO, Minneapolis, MN, Eau Claire, WI and Amarillo, TX.

 

Essential Responsibilities

  • Performs Security Risk Assessments to identify vendor/third party, new initiatives/project risk, and recommends controls ensuring alignment with appropriate standards and frameworks.
  • Engages with other departments to sustain, improve, and streamline processes with a primary focus on safety, security, quality, delivery, and cost.
  • Partners with the business and technology teams to perform risk analysis, document findings and facilitate risk treatment of identified findings and risks.
  • Creates, reviews, and maintains Standards & Standard Operating Procedures and other documentation.
  • Assesses and communicates information regarding business risks with functions across the organization.
  • Builds and maintains relationships with business partners, including understanding their specific risk landscape.
  • Uses professional knowledge, skills, and experience to influence and guide, monitor, and credibly challenge business areas as they manage risk and make risk decisions.
  • Mentor/coach Security Risk Analysts

 

Minimum Requirements

  • Bachelor’s degree or higher with a concentration in computer science, technology, or business, or equivalent combination of education and experience.
  • Minimum of 5 years of experience working in security (physical or cyber).
  • One year of working in Information Technology, may substitute for up to 1 year experience in a security function.
  • Two years of experience with risk assessments, audit, or control testing.
  • Experience and expertise in security and lifecycle management, auditing methodology, and technology risk assessments.
  • Self-starter and able to work independently; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
  • Ability to document and communicate risks and controls succinctly to both business and technical stakeholders.
  • Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
  • Solid understanding of information security policies, standards, industry best practices, and frameworks.
  • Strong business acumen with the proven ability to bridge the gap between business and technology.

 

Preferred Requirements (experience in one or more)

  • Security or Risk-related certifications (CRISC, CISSP, CISA, etc.)
  • Use of quantitative risk assessments methodologies, such as Factor Analysis of Information Risk (FAIR)
  • Experience conducting benchmarking or assessments using the NIST Cyber Security Framework (CSF)
  • Cyber risk assessments of cloud-based services (e.g.: SaaS, IaaS, PaaS)
  • Experience using MITRE ATT&CK framework
  • FedRAMP experience
  • Third Party Security Risk Assessments
  • SAP Security

 

During COVID-19 Pandemic this position may require the ability to temporarily work remote within the company service territory until company protocol dictates return to the office criteria has been met. Telecommuting Policy: A plan has been created to officially rollout a hybrid work-from-home option that will take effect when it is safe to move forward to return to the workplace. This position will participate in this new policy.

 

 

_______________________________________________________________________________________________

 

COVID-19 Vaccine Requirement
COVID-19 continues to significantly impact our employees, families and communities. With employee health and safety as our top priority, Xcel Energy requires all persons be fully vaccinated or receive a formal medical or religious accommodation prior to their start date, unless prohibited by state or local law.

 

As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you’re ready to be a part of something big, we invite you to join our team.
    

 

Posting Notes:  CO - Denver || CO - Denver; MN - Minneapolis; TX - Amarillo; WI - Eau Claire || United States (US) || Customer And Innovation || 70080:Business Security Risk & Spprt || Full-Time || Non-Bargaining ||
 

The anticipated starting base pay for this position is: $77,000 to $109,666 per year

 
This position may also be eligible for the following benefits and/or pay components: Pay - Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition reimbursement, Transit programs, Employee recognition program, Pension, 401(k) plan, Paid time off (PTO), Holidays, Personal holidays, Volunteer Paid Time Off (VPTO) (full-time employees only), Parental Leave

 

Click here to see our benefits

 

Requisition Number: 40271

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com

 

EEO is the Law | EEO is the Law Supplement | Pay Transparency Nondiscrimination | Equal Opportunity Policy (PDF) | Employee Rights (PDF)


ACCESSIBILITY STATEMENT
Xcel Energy endeavors to make https://www.xcelenergy.com/ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Xcel Energy Talent Acquisition at recruiting@xcelenergy.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

 

 

 

 

 

Our Values: One Team Powered by Many

Committed
Connected
Safe
Trustworthy


Nearest Major Market: Denver

Job Segment: Risk Management, Telecom, Telecommunications, ERP, Finance, Technology, Security