Are you looking for an exciting job where you can put your skills, talents and education to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A professional position at Xcel Energy could be just what you’re looking for.
Xcel Energy’s ESS team is responsible for all aspects of security including Cyber, Physical, Enterprise Continuity, Governance and Risk services. This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in. Come join this high-energy team in building a best-in-class Cyber Security program tasked with protecting the critical infrastructure Xcel Energy’s customers depend on.
We are hiring a Senior Cyber Security Engineer - to be based out of Denver, CO, Minneapolis, MN, or Amarillo, TX
The successful candidate should have experience working with Information Technology (IT) and/or Operational Technology (OT) projects to build-in cybersecurity best practices, managing cyber security controls in IT environments (e.g. cyber security engineering, networking and communications) and/or OT environments (e.g. SCADA, DCS, Electric or Gas Distribution/transmission, gas and electric plants, industrial controls, factory floors, military); performing network and application security administration, penetration testing and/or threat assessments, working with commercial and open source security applications and technologies, programming/scripting experience and experience as a cybersecurity specialist in a regulated environment.
The Senior Cyber Security Engineer will assist leadership in effectively developing, implementing, communicating, and executing the Xcel Energy Enterprise Security Services strategy. Assist in steering the Security Engineering Team efforts which are grounded in prevention and management of threats to the environment. Will work closely with key business partners, internal technology and project teams and external vendors to research, deploy and configure technologies and processes that strengthen the defenses of the enterprise. Will remain knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security. Participate in and contribute to other areas within the department as needed, and develop, maintain & implement processes for security for all platforms and ensures compliance with requirements from agencies such as FERC, NERC, and Department of Homeland Security (such as CIP, HIPAA, SOX, PCI).
- Engineer and implement security solutions in support of the overall security objectives of Xcel Energy and in alignment with the Security & Risk Management Strategic Plan.
- Provide technical leadership, governance and oversight for the design of information technology systems, projects and changes within the XE environment with a core focus on security to ensure systems reliability, accessibility and compliance.
- Drive and educate on the Security architecture discipline, processes, concepts and best practices.
- Works with others to ensure that proper security disciplines are understood and applied. Performs the role of internal consultant to help utilize Xcel Energy’s security capabilities. Acts as a resource to educate customers and associates on strategic security choices in available technologies.
- Performs technical security research, analysis and evaluation of new technology tools and provides strategic direction. Maintains current on relevant technology trends. Partners with the Enterprise Architecture group regarding future technology and business needs.
- Develop and maintain a working relationship with 3rd Party service providers responsible for providing technology consulting. Work with business unit executives and service providers to introduce required Cyber Security functionalities into the environment.
- Bachelor’s degree with a concentration in computer science, technology, accounting or business or equivalent combination of education and experience.
- Minimum of 8 years experience in IT and/or OT including 5 years direct experience in engineering and cyber security.
- Demonstrated verbal/written communication and presentation skills. Demonstrated leadership skills.
- Demonstrated leadership skills.
- Proven problem solving and business risk analysis skills.
- Ability to excel in a team environment.
- Strong investigative, conflict resolution and negotiation skills.
- Must possess a broad knowledge relating to IT and/or OT infrastructures and have in-depth and up-to-date experience with multiple operating systems and desk side integration.
- Strong cyber security, computer networking, operating system and desktop skills
- Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, FISMA, BITS etc.)
- Experience working with regulatory programs such as SOX, NERC CIP, HIPAA, etc.