Senior / Principal Security Architect

Xcel Energy•Minneapolis, MN

About The Position

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you’re looking for. Position Summary: The Security Architect is responsible for developing information security architecture products related to systems, processes, applications, data, and technology across the enterprise. Work with stakeholders (e.g. security, technology, legal, business) to understand needs and align capabilities to ensure that security architecture direction and standards are set, communicated, and maintained. Perform strategic planning to ensure ESEM program-level strategies are consistent with organizational goals and requirements, respond to risk and threat, and are coordinated and deconflicted. Report strategy development results out to senior leadership for use in decision making.

Requirements

Minimum of 8 years’ experience in IT including 5 years of direct experience in IT engineering and cyber security.
Demonstrated verbal/written communication and presentation skills.
Demonstrated experience collaborating with internal stakeholders, 3rd parties, management.
Ability to influence without direct authority.
Experience with technology implementation projects for enterprise-scale organizations.
5 years' experience of systems architecture or systems engineering.
10 years' experience in Information Security.
3 years' experience designing complex systems.
3 years' experience with systems integration and engineering.
Strong oral and written communication skills.
Must be able to understand and respond to clients' business needs.

Nice To Haves

Bachelor's degree with a concentration in computer science, technology, accounting or business or equivalent combination of education and experience.
Industrial Control Systems (ICS) / Operational Technology (OT) experience.
Experience with relevant standards and security frameworks (e.g. NERC CIP, NIST CSF, NIST 800-53, IEC 62443).
Experience securing cloud-based services (e.g. SaaS, IaaS, PaaS).
Experience with virtualization technologies: traditional, containerized, network (SDWAN).
Experience with application security programs.
Information Security experience in the electric utility industry.
Experience with technology implementation projects for enterprise-scale organizations.

Responsibilities

Solution Support: Works with security stakeholders, project teams, and asset owners to determine applicable security requirements and controls. Follows projects through execution. Identifies and applies existing patterns and technical controls to ensure consistency in security delivery. Identifies compensating controls when standard solutions cannot be applied.
Architecture Framework: Develop enterprise-level Information Security strategic architectures. Defines controls and integration standards and governs project adherence to standards, frameworks and industry-specific requirements.
Architectural Governance: Participate in the Architecture, Engineering, and/or Design Communities of Practice. Assist in the development of reference architectures and security best practices. Governs project adherence to standards.
Communication & Relationship Building: Communicate with stakeholders and leadership on key technical decisions, program status, and risks. Prepare and deliver effective documentation and presentations on projects, overall program architecture and design. Communicate security risks and technical information to executives, peers and other stakeholders.
Trend Analysis / Technology Investment: Ensure that security architecture areas are integrated with major programs from a domain and enterprise architecture perspective. Perform technology watch functions and keeps abreast of latest developments. Set direction and provide Information Security Roadmap updates relative to key technology direction regarding long-term capabilities required and project impacts.
Technology Leadership: Provide technical leadership to other architects and project engineers. Act as a mentor and role model to other IT architects and engineers. Assists management with development of plans to acquire, train and retain high performing technical talent in critical areas.