Principal IT Solutions Analyst - Enterprise Security GRC

WBS, a subsidiary of WEC Energy Group, is seeking a Principal IT Solutions Analyst - Enterprise Security GRC in our Milwaukee, Wisconsin location. This position offers flexibility for a hybrid work arrangement (remote/on-site) with time spent in the Milwaukee office on a regular basis.

About Us

WEC Energy Group is one of the nation’s largest electric generation and distribution and natural gas delivery holding companies serving 4.7 million customers across the Midwest. We are committed to providing clean, reliable, and affordable energy in an environmentally sustainable manner. Customers are the heart of our business, and we work every day to help grow and support communities where we provide vital energy services.

As a Fortune 500 company, we value and develop our employees who are making a difference in a mission that matters. We don’t just offer a job; we provide fulfilling careers where safety and well-being are paramount. Join our team and experience first-hand our commitment to your success. We offer competitive pay and benefits to recognize your hard work and dedication.

If you’re talented, energetic and ready for a career with a future, we want you on our team. We are powered by a diverse and inclusive workforce fueled by the pride in what we do. If you're driven by the passion to change lives, this is the place for you.

Job Summary

The Principal IT Solutions Analyst, Enterprise Security GRC is an expert level position that combines strong technical skills and broad business awareness to lead technology design and implementation. This position leads a team of Governance Risk and Compliance (GRC) professionals who inform WEC’s cyber risk strategy, provide risk management, concept development, project execution, administration, monitoring, support and restoration of the cybersecurity GRC solution.  

Job Responsibilities

• Keep up-to-date with emerging cybersecurity risk trends and issues; and understand business related cybersecurity risks and support requirements to support the Enterprise Security and Compliance leadership in developing strategic plans and governance/risk/compliance requirements.
• Collaborate with stakeholders to implement enterprise-wide cybersecurity compliance through strategy development, controls definition and standards compliance monitoring.
• Facilitate accountability in cybersecurity performance and outcomes through metrics data collection, reporting and standards monitoring.
• Define KPIs to measure enterprise-wide security effectiveness and support program governance.
• Work with cross organizational governance/coordination team to monitor performance and cyber security outcomes.
• Support planning for cybersecurity initiatives and oversight of initiatives/projects budget/scope/schedule.
• Identify and develop mitigation plans on cybersecurity GRC project issues, risks and impacts.
• Identify regulatory, legislative, and industry specific compliance requirement processes (i.e. NIST, NERC CIP, TSA) that can be enhanced through common GRC solution, in collaboration with the respective compliance teams. 
• Develop, implement and provide oversight of the Enterprise Security GRC solution platform including use case and work flow standards to support performance metrics, third party cyber controls review and security exception management.
• Develop and oversee 3rd party cybersecurity assessment process, privileged user request process, and exception management process for cybersecurity policies, tools and architecture.
• Define and manage an enterprise-wide cybersecurity GRC awareness and training program to drive desired security behaviors across the WEC employee population, and create or acquire core program content.

Minimum Qualifications

• Bachelor's Degree 
• Minimum of 8 years in an information systems support role and experience in an occupation requiring project leadership with a wide range of experiences 
• Strong technical understanding of application development practices and strong analytical skills

Preferred Qualifications

• Bachelor’s Degree in Computer Science, MIS, Business Management or Engineering 
• Certified Information System Security Professional (CISSP)
• Demonstrated leadership skills
• Experience with information security program focused on NIST CSF, NERC CIP compliance and TSA compliance

End Date: 05/21/2025 

Pay Range Minimum:  $101,743.46 

Pay Range Maximum:  $152,615.06 

The pay range reflects the minimum and maximum for the position at the time of posting and may be modified in the future. The starting salary/pay within the pay range will be based on several factors, as applicable, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, shift, travel requirements, collective bargaining agreements, and business and organizational needs.  At WEC Energy Group, it is not typical for an individual to be hired at or near the top of the range for their role.

WEC Energy Group benefits

We reserve the right to modify the application deadline or discontinue accepting applications for any position if deemed necessary.

Learn more at Careers

Legal authorization to work in the United States is required. We will not sponsor for Employment visas, now or in the future, for this job opening.

WEC Energy Group and its subsidiaries are Equal Opportunity Employers. As a result, all qualified applicants will receive equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any other protected status. The Company also complies with all applicable federal, state and local laws that require it to take affirmative action.
 

EEO/AA policies and statements