IT Cybersecurity Analyst - Operational Technology

Milwaukee, WI, US, 53203

WEC Energy Group

WEC Energy Group (NYSE: WEC), based in Milwaukee, is one of the nation’s premier energy companies, serving 4.4 million customers in Wisconsin, Illinois, Michigan and Minnesota.

View company page

WEC Business Services LLC, a subsidiary of WEC Energy Group, is seeking an OT Cybersecurity Analyst in our Milwaukee, Green Bay, or Chicago locations. This position offers flexibility for a hybrid work arrangement (remote/on-site) with time spent in the office.
 This position is part of a job family (IT Cybersecurity Analyst/Senior IT Cybersecurity Analyst) where experience is the determining factor in placement.

Job Summary

As the Operational Technology (OT) Cybersecurity subject matter expert (SME), you will be a liaison between the IT Cybersecurity Team and stakeholders within the Power Generation, Electrical and Gas Distribution Asset Management businesses. You will assist business areas to maintain WEC Energy Group’s overall OT cybersecurity architecture, governance, policy and processes, and contribute to the roadmap for enterprise level systems. In addition, you are responsible for providing leadership in the OT enterprise cybersecurity tools and vendor evaluation process, and conducting periodic assurance reviews to ensure designs are implemented to the agreed OT cybersecurity architecture. 

Job Responsibilities

Domain-focused Architecture Oversight, Planning, and Enablement

  • Maintain a view of the company’s overall cybersecurity architecture, to ensure appropriate OT domain coverage of security capabilities and identify potential gaps for remediation
  • Collaborate with business units to develop, implement, and maintain system architectures that support OT cybersecurity policies & standards using actionable control lists, implementation guidelines, and required levels of protection that align with enterprise level control framework while prioritizing the system criticality 
  • Collaborate with the Governance Risk and Compliance principal to evaluate OT security enterprise tools exception requests, measures, metrics, architecture exception requests and develop & track mitigation plans for the resolution of risk
  • Develop strategic plans and OT architecture/process requirements based on emerging OT risks and trends

 

Domain-focused Security Systems & Tools

  • Collaborate with the security team leads to leverage standardized OT level security systems and tools across system architectures 
  • Advise OT domain specific business divisions and local business entities on OT cybersecurity vendor and tools selection, with emphasis on ensuring that tools address OT specific business entity requirements and maximize reusability
  • Develop action (project) plans for OT enterprise systems, aligned to Enterprise Security and Compliance strategy and enterprise security roadmap 

Minimum Qualifications

  • Bachelor’s degree in computer science, computer engineering, software engineering, information technology, computer information systems, MIS, or engineering is preferred. A combination of associate degree, military or professional cybersecurity experience and cybersecurity certification will be considered.
  • 2+ years OT cybersecurity architecture design and strategy experience

Preferred Qualifications

  • Certified Information System Security Professional (CISSP) certification
  • Global Industrial Cybersecurity Professional (GICSP) certification
  • Certified SCADA Security Architect (CSSA) certification
  • Experience in OT cybersecurity architecture design and strategy within the Power Generation, Gas and Electric business (specifically Industrial Control Systems)
  • Ability to lead and execute the OT cybersecurity strategy for OT business areas
  • In-depth knowledge of OT cybersecurity architecture that support various components of NIST cybersecurity framework capabilities, such as cybersecurity engineering, vulnerability management, identity management, threat intel, prediction and detection, as well as response and recovery 
  • Expertise with OT domain specific cybersecurity vendors and tools, security evaluation processes and assessing risk & developing mitigation plans 

End Date: 04/30/2024 

We reserve the right to modify the application deadline or discontinue accepting applications for any position if deemed necessary.

Learn more at Careers

WEC Energy Group and its subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any other protected class.

EEO/AA policies and statements

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: CISSP Compliance Computer Science CSSA GICSP Governance Industrial NIST SCADA Strategy Vulnerability management

Region: North America
Country: United States
Job stats:  18  6  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.