Logo
WEC Business Services LLC

IT Cybersecurity Analyst - Operational Technology

WEC Business Services LLC, Milwaukee, Wisconsin, United States, 53244


WEC Business Services LLC, a subsidiary of WEC Energy Group, is seeking an OT Cybersecurity Analyst in our Milwaukee, Green Bay, or Chicago locations. This position offers flexibility for a hybrid work arrangement (remote/on-site) with time spent in the office. This position is part of a job family (IT Cybersecurity Analyst/Senior IT Cybersecurity Analyst) where experience is the determining factor in placement. Job Summary As the Operational Technology (OT) Cybersecurity subject matter expert (SME), you will be a liaison between the IT Cybersecurity Team and stakeholders within the Power Generation, Electrical and Gas Distribution Asset Management businesses. You will assist business areas to maintain WEC Energy Group's overall OT cybersecurity architecture, governance, policy and processes, and contribute to the roadmap for enterprise level systems. In addition, you are responsible for providing leadership in the OT enterprise cybersecurity tools and vendor evaluation process, and conducting periodic assurance reviews to ensure designs are implemented to the agreed OT cybersecurity architecture. Job Responsibilities Domain-focused Architecture Oversight, Planning, and Enablement Maintain a view of the company's overall cybersecurity architecture, to ensure appropriate OT domain coverage of security capabilities and identify potential gaps for remediation Collaborate with business units to develop, implement, and maintain system architectures that support OT cybersecurity policies & standards using actionable control lists, implementation guidelines, and required levels of protection that align with enterprise level control framework while prioritizing the system criticality Collaborate with the Governance Risk and Compliance principal to evaluate OT security enterprise tools exception requests, measures, metrics, architecture exception requests and develop & track mitigation plans for the resolution of risk Develop strategic plans and OT architecture/process requirements based on emerging OT risks and trends Domain-focused Security Systems & Tools Collaborate with the security team leads to leverage standardized OT level security systems and tools across system architectures Advise OT domain specific business divisions and local business entities on OT cybersecurity vendor and tools selection, with emphasis on ensuring that tools address OT specific business entity requirements and maximize reusability Develop action (project) plans for OT enterprise systems, aligned to Enterprise Security and Compliance strategy and enterprise security roadmap Minimum Qualifications Bachelor's degree in computer science, computer engineering, software engineering, information technology, computer information systems, MIS, or engineering is preferred. A combination of associate degree, military or professional cybersecurity experience and cybersecurity certification will be considered. 2 years OT cybersecurity architecture design and strategy experience Preferred Qualifications Certified Information System Security Professional (CISSP) certification Global Industrial Cybersecurity Professional (GICSP) certification Certified SCADA Security Architect (CSSA) certification Experience in OT cybersecurity architecture design and strategy within the Power Generation, Gas and Electric business (specifically Industrial Control Systems) Ability to lead and execute the OT cybersecurity strategy for OT business areas In-depth knowledge of OT cybersecurity architecture that support various components of NIST cybersecurity framework capabilities, such as cybersecurity engineering, vulnerability management, identity management, threat intel, prediction and detection, as well as response and recovery Expertise with OT domain specific cybersecurity vendors and tools, security evaluation processes and assessing risk & developing mitigation plans End Date: 11/29/2024 We reserve the right to modify the application deadline or discontinue accepting applications for any position if deemed necessary. Learn more at Careers WEC Energy Group and its subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any other protected class. EEO/AA policies and statements