Security Governance Analyst

Job Specifications

Black Hills Energy is people powered and purpose driven. Our team uses the power of energy to improve life for over one million customers in 800+ communities across the West and Midwest.

We seek talented, caring people who embody our core values and contribute to a culture of inclusion and growth. As an organization, we believe the best part of working on our team is our commitment to making tomorrow better than today-for our customers, communities and each other.

Position summary :

This role will work with the Sr Manager Security Governance within Black Hills Energy Enterprise Security department. As part of the Security Governance and Risk team, this role will help with maintaining security risk information of the company.

Additionally, this position will review policies on a regular basis and provide suggested updates with adequate communication with Subject Matter Experts in various departments.

Pay Range : $75,550 - $113,350 (This posting includes the full pay range for this position. Pay is based on a number of factors and may vary depending on job-related knowledge, skills, experience, and internal equity.)

Reporting Relationship : Security Governance Senior Manager

Location : Rapid City, SD, Council Bluffs, IA, or Denver, CO

Relocation Assistance : Relocation assistance is available based on individual circumstances! Details to be shared during the offer process.

Essential Functions :

Work with the Information Security team to improve the protection of information for the company.

Assist in periodic security control assessments and reviews in accordance with security plans.

Design and implement automation to enhance IT Controls or manual processes.

Review, update and develop required security documentation, including Information Security policies and standards.

Maintain various Security Metrics, Outcome Driven Metrics, and Objectives & Key Results (OKR) within the Enterprise Security Department.

Stay current on IT compliance trends and news related to security (NIST, Cobit, PCI, SOX, GDPR...) and make recommendations to the security team.

Align Information Security processes with Cyber Security Framework such as CIS, ISO 27001, NIST, COBIT, etc. as assigned.

Support project assignments with strong and effective communication, contributing to success or project through clearly communicated security control requirements.

Additional Responsibilities :

Understand current as well as emerging security threats and design security controls to mitigate threats where possible.

Maintain an awareness of existing and proposed security standard setting groups as well as State and Federal legislation and regulations pertaining to information security.

What Is Required :

Bachelor's Degree Computer Science, Information Assurance, Network Security Administration or the equivalent combination of education and experience

Minimum of (3) three years of IT Compliance and / or Information Security work experience

What Is Desired :

Professional security and / or audit certification or equivalent experience (CISM, CISA, CRISC, CISSP, etc).

Knowledge of information security controls and processes for conducting Business Impact Analyses, Risk Assessments and IT System audits.

Experience working with GRC solutions such as RSA Archer or ServiceNow IRM helpful.

Advanced knowledge of audit and control processes, risk management processes, information security (Cyber) standards and practices (NIST SP800-53, ISO 9001, ISO 27001-02, HIPAA, CJIS, PCI, etc.).

Knowledge or experience with Microsoft Azure and Amazon Web Services environments is a plus.

Solid understanding of security concepts such as Segregation of Duties, Data Classification, or Least Privilege

This description is not intended to be an all-inclusive list of responsibilities, duties, and requirements for employees in this position.

Job descriptions may and do change periodically. Where positions are covered by a collective bargaining unit agreement, the terms and conditions of the agreement will apply.

About our Company : We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice.

Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.

3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas).

Enjoy our Comprehensive Benefits Package! Annual discretionary bonuses, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, generous paid time off benefits, including paid holidays and parental leave, company paid life insurance and disability benefits (short and long term), an employee assistance program and well-being benefits, and competitive medical, dental and vision insurance.

Candidates must successfully pass a pre-employment drug screen and background check.

Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran.

If you require reasonable accommodation, please visit careers.blackhillsenergy.com for more information.