Information Security Risk and Controls Analyst (Sr/Principal)

Location : Carmel, IN or Eagan, MN

As MISO's Information Security Risk and Controls Analyst (Senior / Principal) , you will be at the forefront of our cybersecurity efforts.

Your role will involve identifying risks, determining suitable controls and their owners, spotting gaps, modifying controls, and ensuring they are maintained effectively.

You will collaborate closely with IT, Operations, Compliance, and other teams to pinpoint information security risks and devise mitigation strategies.

Additionally, you will support the administration of MISO's information security risk management frameworks, focusing on security and risk.

You will also maintain security controls and compliance, working alongside security operations and development teams to remediate and mitigate any findings.

The responsibilities as our Information Security Risk and Controls Analyst (Senior / Principal) include :

• Build, modify, and maintain IT Security controls
• Identify IT Security Risks
• Identify potential risk mitigations
• Update risk and control matrices - Provide IT Security best practice input to IT projects
• Monitor IT Security controls
• Provide best practice guidance to IT Security control owners to help them maintain their controls and prepare for audits

In one year, you'll know you are successful if :

• Your impact on revising / improving our Risk and Control Matrices is clear and visible.
• You are able to take point on risk and controls projects with other teams with little or no guidance
• You have built strong stakeholder relationships with our risk and control owners

What we are looking for :

• A minimum four to six years of experience in information security risk and compliance with deep knowledge of risks and controls
• Experience performing cyber security risk assessment, treatment planning and reporting
• Possesses foundational understanding of Risk Management concepts and principles
• Possesses foundational understanding of IT concepts and principles
• Understanding of security management and / or information risk and compliance processes and industry frameworks (SOC2, ISO27001, NIST Cybersecurity Framework (CSF, NIST 800-53 COBIT).
• CISSP, CISA, CISM, and / or CRISC Highly preferred. Other technical security certifications beneficial.

Appropriate level will be determined based upon experience and knowledge.

Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid.

MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans.

Operating the electricity grid, running a robust energy market, planning for a bright future - it's what our immensely hardworking and dedicated team does every day.

At MISO we offer a hybrid work environment and a comprehensive benefits package available on your first day of employment.

hiring #DiscoverMISO #MISOCareers #lifeatMISO #weareMISO

MISO, What We Do

LI-HYBRID

LI-JH1