Midcontinent Independent System Operator
Senior Information Security Risk and Controls Analyst
Midcontinent Independent System Operator, Carmel, Indiana, United States, 46033
Location: Carmel, IN or Eagan, MN
As MISO's
Senior
Information Security Risk and Controls Analyst , you will be at the forefront of our cybersecurity efforts. Your role will involve identifying risks, determining suitable controls and their owners, spotting gaps, modifying controls, and ensuring they are maintained effectively. You will collaborate closely with IT, Operations, Compliance, and other teams to pinpoint information security risks and devise mitigation strategies. Additionally, you will support the administration of MISO's information security risk management frameworks, focusing on security and risk. You will also maintain security controls and compliance, working alongside security operations and development teams to remediate and mitigate any findings.
The responsibilities as our
Senior
Information Security Risk and Controls Analyst
include:Build, modify, and maintain IT Security controlsIdentify IT Security RisksIdentify potential risk mitigationsUpdate risk and control matrices - Provide IT Security best practice input to IT projectsMonitor IT Security controlsProvide best practice guidance to IT Security control owners to help them maintain their controls and prepare for auditsIn one year, you'll know you are successful if:Your impact on revising/improving our Risk and Control Matrices is clear and visible.You are able to take point on risk and controls projects with other teams with little or no guidanceYou have built strong stakeholder relationships with our risk and control ownersWhat we are looking for:A minimum four to six years of experience in information security risk and compliance with deep knowledge of risks and controlsExperience performing cyber security risk assessment, treatment planning and reportingPossesses foundational understanding of Risk Management concepts and principlesPossesses foundational understanding of IT concepts and principlesUnderstanding of security management and/or information risk and compliance processes and industry frameworks (SOC2, ISO27001, NIST Cybersecurity Framework (CSF, NIST 800-53 COBIT).CISSP, CISA, CISM, and/or CRISC Highly preferred. Other technical security certifications beneficial.Appropriate level will be determined based upon experience and knowledge.
Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid. MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future - it's what our immensely hardworking and dedicated team does every day.
At MISO we offer a hybrid work environment and a comprehensive benefits package available on your first day of employment.#hiring #DiscoverMISO #MISOCareers #lifeatMISO #weareMISOMISO, What We Do#LI-HYBRID#LI-JH1
As MISO's
Senior
Information Security Risk and Controls Analyst , you will be at the forefront of our cybersecurity efforts. Your role will involve identifying risks, determining suitable controls and their owners, spotting gaps, modifying controls, and ensuring they are maintained effectively. You will collaborate closely with IT, Operations, Compliance, and other teams to pinpoint information security risks and devise mitigation strategies. Additionally, you will support the administration of MISO's information security risk management frameworks, focusing on security and risk. You will also maintain security controls and compliance, working alongside security operations and development teams to remediate and mitigate any findings.
The responsibilities as our
Senior
Information Security Risk and Controls Analyst
include:Build, modify, and maintain IT Security controlsIdentify IT Security RisksIdentify potential risk mitigationsUpdate risk and control matrices - Provide IT Security best practice input to IT projectsMonitor IT Security controlsProvide best practice guidance to IT Security control owners to help them maintain their controls and prepare for auditsIn one year, you'll know you are successful if:Your impact on revising/improving our Risk and Control Matrices is clear and visible.You are able to take point on risk and controls projects with other teams with little or no guidanceYou have built strong stakeholder relationships with our risk and control ownersWhat we are looking for:A minimum four to six years of experience in information security risk and compliance with deep knowledge of risks and controlsExperience performing cyber security risk assessment, treatment planning and reportingPossesses foundational understanding of Risk Management concepts and principlesPossesses foundational understanding of IT concepts and principlesUnderstanding of security management and/or information risk and compliance processes and industry frameworks (SOC2, ISO27001, NIST Cybersecurity Framework (CSF, NIST 800-53 COBIT).CISSP, CISA, CISM, and/or CRISC Highly preferred. Other technical security certifications beneficial.Appropriate level will be determined based upon experience and knowledge.
Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid. MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future - it's what our immensely hardworking and dedicated team does every day.
At MISO we offer a hybrid work environment and a comprehensive benefits package available on your first day of employment.#hiring #DiscoverMISO #MISOCareers #lifeatMISO #weareMISOMISO, What We Do#LI-HYBRID#LI-JH1