Security Governance Analyst
Company: Black Hills Energy
Location: Denver
Posted on: October 17, 2024
|
|
Job Description:
Job Specifications Black Hills Energy is people powered and
purpose driven. Our team uses the power of energy to improve life
for over one million customers in 800+ communities across the West
and Midwest. We seek talented, caring people who embody our core
values and contribute to a culture of inclusion and growth. As an
organization, we believe the best part of working on our team is
our commitment to making tomorrow better than today-for our
customers, communities and each other.Position summary:This role
will work with the Sr Manager Security Governance within Black
Hills Energy Enterprise Security department. As part of the
Security Governance and Risk team, this role will help with
maintaining security risk information of the company. Additionally,
this position will review policies on a regular basis and provide
suggested updates with adequate communication with Subject Matter
Experts in various departments.Pay Range: $75,550 - $113,350 (This
posting includes the full pay range for this position. Pay is based
on a number of factors and may vary depending on job-related
knowledge, skills, experience, and internal equity.)Reporting
Relationship: Security Governance Senior ManagerLocation: Rapid
City, SD, Council Bluffs, IA, or Denver, CORelocation Assistance:
Relocation assistance is available based on individual
circumstances! Details to be shared during the offer
process.Essential Functions:
Work with the Information Security team to improve the protection
of information for the company.
Assist in periodic security control assessments and reviews in
accordance with security plans.
Design and implement automation to enhance IT Controls or manual
processes.
Review, update and develop required security documentation,
including Information Security policies and standards.
Maintain various Security Metrics, Outcome Driven Metrics, and
Objectives & Key Results (OKR) within the Enterprise Security
Department.
Stay current on IT compliance trends and news related to security
(NIST, Cobit, PCI, SOX, GDPR...) and make recommendations to the
security team.
Align Information Security processes with Cyber Security Framework
such as CIS, ISO 27001, NIST, COBIT, etc. as assigned.
Support project assignments with strong and effective
communication, contributing to success or project through clearly
communicated security control requirements.Additional
Responsibilities:
Understand current as well as emerging security threats and design
security controls to mitigate threats where possible.
Maintain an awareness of existing and proposed security standard
setting groups as well as State and Federal legislation and
regulations pertaining to information security.What Is
Required:
Bachelor's Degree Computer Science, Information Assurance, Network
Security Administration or the equivalent combination of education
and experience
Minimum of (3) three years of IT Compliance and/or Information
Security work experienceWhat Is Desired:
Professional security and/or audit certification or equivalent
experience (CISM, CISA, CRISC, CISSP, etc).
Knowledge of information security controls and processes for
conducting Business Impact Analyses, Risk Assessments and IT System
audits.
Experience working with GRC solutions such as RSA Archer or
ServiceNow IRM helpful.
Advanced knowledge of audit and control processes, risk management
processes, information security (Cyber) standards and practices
(NIST SP800-53, ISO 9001, ISO 27001-02, HIPAA, CJIS, PCI,
etc.).
Knowledge or experience with Microsoft Azure and Amazon Web
Services environments is a plus.
Solid understanding of security concepts such as Segregation of
Duties, Data Classification, or Least PrivilegeThis description is
not intended to be an all-inclusive list of responsibilities,
duties, and requirements for employees in this position. Job
descriptions may and do change periodically. Where positions are
covered by a collective bargaining unit agreement, the terms and
conditions of the agreement will apply.About our Company: We are a
customer, growth and safety focused utility company that is
dedicated to our communities. We improve life with energy as an
energy partner of choice. Our diverse culture fuels unique
perspectives, opening doors to new insights and possibilities.
Based in Rapid City, South Dakota, we have over 3000 employees and
serve 1.3 million natural gas and electric utility customers across
eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska,
Iowa, Kansas, and Arkansas).Enjoy our Comprehensive Benefits
Package! Annual discretionary bonuses, 401(k) (6% company match and
up to 9% company retirement contribution), tuition reimbursement,
generous paid time off benefits, including paid holidays and
parental leave, company paid life insurance and disability benefits
(short and long term), an employee assistance program and
well-being benefits, and competitive medical, dental and vision
insurance.Candidates must successfully pass a pre-employment drug
screen and background check. Black Hills Energy does not sponsor
applicants for work visas. All applicants must be legally
authorized to work in the US.We are an equal opportunity employer.
All qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, sexual orientation,
gender identity, national origin, disability, age, or status as a
protected veteran. If you require reasonable accommodation, please
visit for more information.
Keywords: Black Hills Energy, Loveland , Security Governance Analyst, Professions , Denver, Colorado
Click
here to apply!
|