Share this Job

Principal Cybersecurity Analyst

Apply now »

Date: Jul 23, 2022

Location(s): St. Paul, MN, US, 55107

Company: NextEra Energy

Requisition ID:  63421 

 

NextEra Analytics is the optimization and analytics team for the world’s largest renewable energy generator. We thrive on solving the toughest problems facing the energy industry and creating innovative forecasting and optimization solutions that lead the way into the next era of energy.

 

Position Specific Description

The Principal Cybersecurity Analyst will be responsible for managing all aspects of NextEra Analytics cybersecurity strategy to ensure the highest levels of security are maintained for company systems and products.  This individual will work with all parts of the organization to achieve this goal.  Close interaction with the product engineering team to help build security into NextEra Analytics products will also be required.  Additionally, this individual will evaluate tools and services to expand security coverage.  Experience with managing cybersecurity in public cloud compute environments is a requirement.  This individual should be able to efficiently report security status to the leadership team during normal operations and during active incident response situations.  There is a high likelihood this individual will eventually lead a team of direct report cybersecurity professionals.

 

Primary Job Functions Include:

 

  • Designing comprehensive cybersecurity strategies and driving implementation across NextEra Analytics (NEA)
  • Reviewing and updating NEA cybersecurity policies and procedures on regular basis
  • Ongoing validation that cybersecurity policies and procedures are properly implemented
  • Educating and training staff on cybersecurity best practices
  • Vulnerability scan management for all cloud and on-prem IT infrastructure
  • Using cloud native and cloud agnostic tools for monitoring and vulnerability management
  • Cybersecurity vendor evaluation
  • Responding to customer and partner cybersecurity inquiries
  • Coordinating penetration testing events
  • Participating in cybersecurity audits
  • Coordination between NEA and NextEra Energy (NEE) cybersecurity teams
  • Leading cybersecurity incident response tabletop exercises
  • Making recommendations for new tools to improve overall cybersecurity profile
  • Working with product engineering to ensure NEA products are built with a security-first mindset

Job Overview

This job performs ongoing cybersecurity risk reviews for new and existing technologies and services and supports ongoing and new cybersecurity projects.  Individuals develop requirements for and implement technical security projects and tools, as well as define the company’s cybersecurity policies and control framework.  This position collaborates with the company’s IT department and business units to identify the need for, select, and deploy technical controls to meet specific security requirements. Employees in this role build processes and standards to ensure security requirements continue to be met.

Job Duties & Responsibilities

  • Administers, operates and monitors NextEra Energy (NEE) information security sensors, logging, alerting and other detection mechanisms to identify and respond to threats
  • Acts as subject matter expert for one or multiple assigned cybersecurity technology stacks (e.g., identity and access management, network intrusion detection and prevention, host based security tools)
  • Collaborates with security architecture to identify, evaluate and recommend new security technologies for suitability within NEE’s environment and security posture
  • Communicates ongoing cybersecurity activities, priorities and risk measurements or mitigations at multiple organizational levels
  • Provides guidance for security activities and requirements in the system development life cycle (SDLC) and application development efforts. Participates in organizational projects, as required
  • Performs other job-related duties as assigned

Required Qualifications

  • High School Grad / GED
  • Bachelor’s or Equivalent Experience
  • Experience: 7+ years

Preferred Qualifications

  • Certified Information Systems Aud (CISA) certification

 

Employee Group:  Exempt
Employee Type:  Full Time
Job Category:  Information Technology
Organization:  NextEra Analytics Inc 
Relocation Provided:  Yes, if applicable

 

Where permitted by applicable law, NextEra Energy requires all employees and new hires to be fully vaccinated for COVID-19 or be willing to receive the COVID-19 vaccination on or before the first day of employment.

 

NextEra Energy is an Equal Opportunity Employer. Qualified applicants are considered for employment without regard to race, color, age, national origin, religion, marital status, sex, sexual orientation, gender identity, gender expression, genetics, disability, protected veteran status or any other basis prohibited by law. We are committed to a diverse and inclusive workplace.

 

NextEra Energy provides reasonable accommodation in its application and selection process for qualified individuals, including accommodations related to compliance with conditional job offer requirements, consistent with federal, state, and local laws. Supporting medical or religious documentation will be required where applicable and permitted by applicable law. To request a reasonable accommodation, please send an e-mail to recruiting-coordinator.sharedmailbox@nexteraenergy.com, providing your name, telephone number and the best time for us to reach you. Alternatively, you may call 1-844-694-4748. Please do not use this line to inquire about your application status.

 

NextEra Energy will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

 

NextEra Energy does not accept any unsolicited resumes or referrals from any third-party recruiting firms or agencies. Please see our policy for more information.

#LI-KH1 


Nearest Major Market: Minneapolis