Are you looking for an exciting job where you can put your skills, talents and education to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A professional position at Xcel Energy could be just what you’re looking for.
Xcel Energy’s ESS team is responsible for all aspects of security including Cyber, Physical, Enterprise Resiliency, Governance and Risk services. This dynamic team is growing and evolving to meet the needs of the enterprise while adjusting to the ever changing world we live in. Come join this high-energy team in building a best-in-class Cyber Security program tasked with protecting the critical infrastructure Xcel Energy’s customers depend on.
We are hiring at a Cyber Security Network Engineer level and a Senior Cyber Security Network Engineer level- to be based out of Denver, CO or Minneapolis, MN.
The successful candidate will have experience working with Information Technology (IT) projects to build-in cybersecurity best practices, managing cyber security controls in IT environments (e.g. cyber security engineering, networking and communications), performing network and application security administration in IT environments, penetration testing and/or threat assessments working with commercial and open source security applications and technologies, programming/scripting experience, and experience as a cybersecurity specialist in a regulated IT environment.
The Cyber Security Network Engineer will assist leadership in effectively developing, implementing, communicating, and executing the Xcel Energy Enterprise Security Services strategy. Assist in steering the Cyber Security Engineering Team efforts which are grounded in prevention and management of threats to the environment. Will work closely with key business partners, internal technology and project teams and external vendors to research, deploy and configure technologies and processes that strengthen the defenses of the enterprise. Will remain knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security.
- Work with business units in the planning, designing, implementing, and maintaining of the managed firewall infrastructure and associated network defense technologies such as firewalls, application-based firewalls, intrusion detection/prevention (IDS/IPS) systems, web proxy devices, and associated software
- Able to formulate firewall Security policy and manage firewall Security configuration
- Provide specifications and detailed schematics for firewall and network architecture
- Provide specific detailed information for firewall hardware and software selection, as well as implementation techniques and tools for the most efficient solution to meet business needs including present and future capacity and security feature requirements
- Troubleshooting firewall infrastructure problems as necessary
- Conduct testing and necessary troubleshooting of firewall security policies and rules to guarantee functionality and optimize system performance
- Respond to outages and resolving and documenting priority incident tickets
- Assist in the investigation of security incidents as required, and recommend corrective actions and process improvements
- Respond to and accomplishing change request actions and documenting changes as necessary including firewall rule approval
- Perform periodic firewall security policy and rule compliance reviews, risk assessments, and control testing
- Provide reporting to prove compliance with regulations
- Providing training to other Cyber Security Engineers and business partners
- Bachelor's degree (preferably with a concentration in Computer Science, Technology, Information Security, Information Systems or Engineering) or the equivalent combination of education, training and professional experience.
- Minimum of 6 years’ experience in Cyber Security including 5 years direct experience in Cyber Security Engineering. For the Senior level, 8 years of Cyber Security experience is required.
- Strong cyber security, computer networking, operating system and desktop skills.
- Strong investigative, conflict resolution and negotiation skills.
- Demonstrated verbal/written communication and presentation skills.
- Demonstrated leadership skills.
- Proven problem solving and business risk analysis skills.
- Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, FISMA, BITS etc.).
- Experience working with regulatory programs such as SOX, NERC CIP, HIPAA, etc.
- Strong team skills.