Xcel Energy Senior Security Governance & Controls Analyst Job in Denver, Colorado

Location(s): CO - Denver

Are you looking for an exciting job where you can put your skills, talents and education to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A professional position at Xcel Energy could be just what you’re looking for.

Position Summary

Significant contributor to the security governance and control program focused on security policies and standards, Technical Control Governance, training and awareness, and metrics and reporting. Technical Control Governance involves the development and evaluation of security controls, self-assessments, spot-checks, risk identification, process gaps, and process alignment. Partners across the security organization, as well as other business areas, to facilitate the adoption of security controls driven by risk-based decision making. Contributes to the organizational continuous improvement program, driving consistency and quality across the organization.

Essential Responsibilities

  • Significant contributor to the security governance and control program focused on security policies and standards, Technical Control Governance, training and awareness, and metrics and reporting. Technical Control Governance involves the development and evaluation of security controls, self-assessments, spot-checks, risk identification, process gaps, and process alignment. Partners across the security organization, as well as other business areas, to facilitate the adoption of security controls driven by risk-based decision making. Contributes to the organizational continuous improvement program, driving consistency and quality across the organization.

  • Participate in the review and update cycle for security policies, standards, and controls. Engage with subject matter experts to address new requirements and emerging business needs in a secure manner.

  • Participate in the development and implementation of the security awareness program. Develop and deliver training and awareness content to educate the business about the Technical Control Framework and other programs originating from Security Governance and Risk Services.

  • Compile and review output from the Technical Control Governance program. Collaborate with team members to analyze information and formulate recommendations and reports for management review and decision making.

  • Participate in application risk assessment.

Minimum Requirements

  • BA/BS degree or higher and a minimum of 5 years of progressive experience in security and IT or OT related fields.

  • Two years of experience with control testing, security standards/policy implementation, security audits, or security risk management. One year of working in a Governance, Risk & Compliance (GRC) function in a highly regulated environment (e.g. Financial) may substitute for up to 18 months experience.

  • Self-starter; adaptable to change.

  • Ability to set and achieve personal and program goals, and to track performance against those goals.

  • Ability to work effectively across the organization, establishing positive working relationships, and building trust.

  • Applies sound judgment and creativity to solve complex problems.

  • Strong verbal and written communication skills.

  • Demonstrated ability to create documentation for technical and non-technical audiences.

Preferred Skills:

  • Experience in one or more of the following areas: network administration, systems administration, SDLC /secure soft, encryption, asset management, identity and access management, IT Operations, Security Risk Management.

  • Certification in one or more of the following: CISM, CISSP, CISA, CRISC, CISSP.

  • Experience using a GRC tool (i.e. Archer).

  • Knowledge of regulatory requirements/frameworks such as PCI, CIP, SOX, HIPPA, ISO, NIST, COBIT, or Cyber Security Framework (CSF).


As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you’re ready to be a part of something big, we invite you to join our team.

Posting Notes: CO - Denver || CO - Denver || United States (US) || Utilities and Corporate Servic || 70080:Security Governance & Risk Svc || Full-Time || Non-Bargaining ||

Requisition Number: 13007

Equal Opportunity Employer: Minority/Female/Disability/Veteran

Individuals with a disability who need an accommodation to apply please contact us at recruiting@xcelenergy.com