IT Principal
1 week ago
Company Overview
WEC Energy Group stands as one of the leading electric generation, distribution, and natural gas delivery holding companies in the United States. With a workforce exceeding 7,000 dedicated professionals, we are committed to fostering an environment where our employees can thrive and contribute to a mission that truly matters.
Position Overview
WEC Business Services LLC, a subsidiary of WEC Energy Group, is in search of an IT Principal – Risk and Compliance (Principal IT Solutions Analyst) based in Milwaukee, Wisconsin. This role provides flexibility with a hybrid work arrangement, allowing for a combination of remote and on-site work.
Key Responsibilities
- Oversee and prioritize compliance initiatives, developing and maintaining processes to ensure adherence to regulatory standards.
- Conduct and advise on risk assessment methodologies, change management protocols, and incident reporting and response strategies.
- Support the enterprise-wide cyber risk strategy, identifying and classifying risks, establishing tolerances, prioritizing mitigation efforts, and measuring risk levels.
- Inform leadership of potential impacts related to governance, risk, and compliance; collaborate with industry peers to shape future standards and requirements.
- Review and enhance enterprise-wide cybersecurity policies and minimum standards to align with business objectives, legal requirements, and regulations; manage metrics and exception processes for cybersecurity policies, tools, and architecture.
- Direct the enterprise-wide cybersecurity awareness training program to promote desired security behaviors across the organization.
- Assist with NERC CIP audits for application controls, serving as a subject matter expert during audits and providing ongoing support for the NERC CIP compliance program and associated control processes and tools.
- Guide and mentor project teams, employees, contractors, and student specialists, fostering a collaborative team environment focused on client service.
- Possess a strong foundation in both technical and business knowledge to ensure success in this role.
Minimum Qualifications
- Bachelor's Degree
- 8+ years of experience in an information systems support role, with a background in project leadership across diverse experiences.
- Strong technical comprehension of application development practices coupled with robust analytical skills.
- This position necessitates unescorted access to critical cyber assets, requiring compliance with all Company and NERC Critical Infrastructure Protection Standard 004 security protocols, including a background investigation.
Preferred Qualifications
- Bachelor's Degree in Computer Science or Information Systems/Technology
- Demonstrated ability to influence peers on cybersecurity issues.
- In-depth knowledge of current and emerging cybersecurity threats.
- Proven track record in talent development and team assembly.
- Familiarity with cybersecurity program structures, processes, and contemporary trends/issues.
- Understanding of compliance and regulations pertaining to IT risk management, compliance, and cybersecurity.
- Experience in Threat and Vulnerability Analysis and Management.
- Knowledge of Data, Network, and Application security.
- Experience in change and configuration management.
- Familiarity with cybersecurity technologies.