jobloom

JobLoom finds jobs directly from company career sites before many job boards, then routes you into detailed role pages like this one.

other

Posted Yesterday

Security Risk Analyst

at Xcel Energy

Minneapolis, United StatesOn-site

Requirements

  • Translates technical language into business terms to facilitate understanding of risk to the business.
  • experience working in a security function. (One year of working in a highly regulated environment e.g. Utilities, Financial, may substitute for up to 18 months
  • experience in a security function.) 2 years of
  • experience with risk assessments, audit or control testing.
  • Knowledge of security and lifecycle management, including auditing methodology or technology risk assessments.
  • Ability to develop strong working relationships with peers and stakeholders across business units.
  • Experience working with information security policies, standards, industry best practices and/or frameworks (e.g., ISO 27K, NIST 800-53, FISMA, BITS, etc.) Knowledge of IT Security tools and technologies used in an enterprise environment. Preferred
  • Requirements: Bachelor's degree or higher with a concentration in computer science, technology, or business, or equivalent combination of education and experience.
  • Security or Risk-related certifications (CRISC, CISSP, CISA, etc.) Preferred
  • Experience conducting vendor and project-based security risk assessments, including identifying risks, evaluating impact/likelihood, and recommending appropriate controls and treatment strategies.
  • Security Frameworks & Controls: Working knowledge of security frameworks and standards (e.g., NIST, ISO 27001) and ability to apply control
  • GRC Tooling: Familiarity with GRC platforms such as Archer and/or ProcessUnity for documenting assessments, tracking risks, and managing findings lifecycle.
  • Experience developing detailed findings, managing remediation tracking, and supporting risk acceptance and exception processes with minimal guidance.
  • Stakeholder Engagement: Ability to partner with business and technology teams to gather requirements, facilitate discussions, and support risk-based decision-making.
  • Communication & Documentation: Strong written communication skills with the ability to clearly document risk assessments, findings, and recommendations for both technical and business audiences.
  • Self-Starter & Adaptability: Demonstrated ability to work independently, manage ambiguity, and prioritize work across multiple assessments and initiatives.
  • experience in cybersecurity, IT risk, GRC, audit, compliance, or security consulting.

Experience

  • Security & Risk Background: ~5+ years of

Benefits

  • Non-Bargaining The anticipated starting base pay for this position is: $73,700.00 to $104,633.00 per year This position is eligible for the following
  • benefits: Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition

Contact

  • Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com .
  • ACCESSIBILITY STATEMENT Xcel Energy endeavors to make https://www.xcelenergy.com/ accessible to any and all users.
  • If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Xcel Energy Talent Acquisition at recruiting@xcelenergy.com.

Additional details

  • Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you’re looking for.
  • Position Summary Executes critical aspects of the Enterprise Security Risk Management function.
  • Partners with the business to document and measure risk inherent to systems, assets, and information.
  • Works with the security teams and collaborates with the business to assess IT risks.
  • Oversees the risk review process and reporting across the enterprise. Essential
  • Responsibilities Oversees the risk acceptance process across the enterprise to ensure risks are documented and accepted at the correct levels of the organization.
  • Validates remediation plans are in place to reduce risk where possible.
  • Manages cycle to reassess accepted risks, obtain sign-off, and provide reporting.
  • Assists business partners with completing risk assessments and ensuring the correct documentation is captured to support the risk assessment process.
  • Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements.

Find more real-time jobs on JobLoom.