IT Principal - Risk and Compliance

WEC Business Services LLC, a subsidiary of WEC Energy Group, is seeking am IT Principal – Risk and Compliance (Principal IT Solutions Analyst) in our Milwaukee, Wisconsin location. This position offers flexibility for a hybrid work arrangement (remote/on-site) with time spent in the Milwaukee office.

Job Summary

The IT Principal – Risk and Compliance is a leadership role responsible for the successful development and implementation of plans related to internal policy, process, controls, documentation and training pertaining to cybersecurity risk and compliance as well as supporting related compliance tools.

Job Responsibilities

• Support the management of priorities for compliance activities, develop, implement and maintain processes to sustain compliance for regulatory standards.
• Perform and advise on risk assessment techniques, change management, incident reporting and response planning.
• Support the enterprise cyber risk strategy to identify and classify risks, define appropriate tolerances, prioritize mitigation activities, and measure risk levels.
• Advise leadership of potential impact to governance/risk/compliance requirements; participate in the development of future standards and requirements in collaboration with industry peers.
• Review enterprise-wide cybersecurity policies and minimum standards in line with business objectives, laws, and regulations; oversee metrics and exception management process for cybersecurity policies, tools and architecture.
• Manage enterprise-wide cybersecurity awareness training program to drive desired security behaviors across WEC.
• Support NERC CIP audit for application controls, present as subject matter expert before auditors, provide day to day support of the NERC CIP compliance program and compliance control processes and tools.
• Provide work direction, guidance and mentoring to project teams, employees, contractors, and student specialists.
• A base of both technical and business knowledge is necessary for success. This work will be conducted in a strong team environment that is committed to client service.

Minimum Qualifications

• Bachelor's Degree
• 8+ years in an information systems support role and experience in an occupation requiring project leadership with a wide range of experiences. 
• Strong technical understanding of application development practices and strong analytical skills.
• This position requires unescorted access to certain critical cyber assets which would require applicants to satisfy all Company and NERC Critical Infrastructure Protection Standard 004 security requirements, which includes a background investigation.

Preferred Qualifications

• Bachelor's Degree in Computer Science or Information Systems/Technology
• Strong and proven ability to influence peers on cybersecurity matters
• Strong knowledge of current and emerging cybersecurity risks
• Proven ability to develop talent and assemble a highly effective team
• Knowledge in cybersecurity program structure, processes and current cybersecurity trends/issues
• Familiarity with compliance and regulations relating to IT risk management, compliance and cybersecurity
• Threat and Vulnerability Analysis and Management
• Data/Network/Application security
• Change and configuration management experience
• Cybersecurity technologies

End Date: 05/20/2024 

We reserve the right to modify the application deadline or discontinue accepting applications for any position if deemed necessary.

Learn more at Careers

WEC Energy Group and its subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any other protected class.

EEO/AA policies and statements