We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Madison Gas & Electric jobs

Manager Security Operations and Provisioning

Madison Gas & Electric
United States, Wisconsin, Madison
Feb 14, 2025


POSITION PURPOSE

The Manager Security Operations and Provisioning will be responsible for leading two critical functions within the organization: securing the environment through effective security operations and overseeing the management of end-user access provisioning. This position will drive the implementation and continuous improvement of security monitoring and protections, incident response, and identity and access management (IAM) processes to safeguard the organization's information systems.

This position demands a hands-on leader who can manage high-pressure situations, communicate effectively across teams, and contribute to the development of security policies, incident response plans, and IAM frameworks. The ideal candidate will have extensive experience in both cybersecurity operations and identity/access management and a track record of successfully securing and streamlining user-provisioning workflows.

DUTIES AND RESPONSIBILITIES

  • Leads and coordinates security incident response efforts, ensuring rapid identification, containment, and remediation of cyber threats.
  • Oversees daily security operations, including monitoring, detecting, and response efforts, ensuring effective threat management and risk mitigation strategies.
  • Manages the development and implementation of incident response plans and runbooks, ensuring they are regularly tested and updated to address emerging threats.
  • Acts as the primary point of contact for internal stakeholders during security incidents, ensuring clear and effective communication.
  • Oversees the implementation and maintenance of security monitoring tools and processes for event detection, incident response, and forensic analysis.
  • Analyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the Company networks and systems.
  • Stays abreast of the security industry threat landscape, specifically within the Company's industry.
  • Ensures post-incident analysis is conducted, including lessons learned, root cause analysis, and recommendations for improving future response protocols.
  • Collaborates with external agencies, such as law enforcement, third-party vendors, and forensic investigators, when necessary, to handle major cyber incidents.
  • Oversees the collection, preservation, and analysis of digital evidence related to security incidents in accordance with legal and organizational requirements.
  • Prepares detailed incident reports for senior management as necessary.
  • Serves as a team lead and initial point of contact for all parties involved in incident response efforts.
  • Ensures all security incidents are documented and reported per regulatory and compliance requirements (e.g., NERC CIP).
  • Actively recruits and leads by example to create a culture where employees want to work.
  • Conducts verification and validation testing, when necessary, of the Company networks and sensitive programs through internal team resources and engagements via consulting efforts.
  • Leads the team to implement secure enterprise systems and identifies issues that could compromise data integrity or security.
  • Develops IT security programs and recommends necessary changes to the information security team to ensure the Company's systems are fully compliant with all applicable regulatory requirements.
  • Recognizes his/her personal developmental needs and is proactive in obtaining the coaching, networking, and training needed to ensure his/her continued success in the position.
  • Creates a working environment that is conducive to two-way communication, teamwork, and learning.
  • Recognizes the varying strengths, skills, and needs of the team and adapts his/her coaching skills to obtain the best possible results from each individual contributor.
  • Utilizes open communication and leads by example to ensure the standards, expectations, and goals of the organization are upheld.
  • Acts as a change agent and drives the department and business forward using effective management, analysis, and strategic skills.
  • Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization.
  • Provides supplemental hands-on support as needed in response to cyber incidents.
  • Directs employees to implement identity and access management solutions that align with access policies and processes while reducing manual errors and overhead.
  • Ensures employees maintain up-to-date configuration documentation for systems and processes.
  • Leads the team through IDAM governance, policies and solutions across SSO, directory, certificate, multifactor authentication (MFA), privileged accounts, automation, and behavior analytic systems.
  • Supports automation and orchestration to maximize efficiencies, enhance visibility and monitoring, and reduce errors.
  • Attends change and project management meetings and engages with other participants.
  • Works with internal auditors to maintain necessary controls and provide audit evidence as necessary.
  • Oversees processes supporting full life cycle of end-user provisioning, including user account creation, role-based access management, and deactivation of accounts as part of an ongoing process to ensure appropriate access levels.
  • Ensures smooth and timely onboarding and offboarding processes, aligning with security best practices.
  • Works with HR, IT, and other departments to ensure the seamless management of access rights throughout the employee life cycle.
  • Supervises and mentors a team of security analysts and specialists, providing guidance and support for their career development.
  • Collaborates with cross-functional teams, including IT, legal, compliance, and business units, to align security strategies with organizational objectives.
  • Develops and manages key performance indicators and metrics to track the effectiveness of security operations, IAM, and end-user provisioning processes.
  • Provides guidance, as necessary, utilized to create security awareness programs and training initiatives across the organization.

QUALIFICATION

Education and Experience

  • Preferably ten plus years of technical hands-on security experience, with at least three to five years in a team lead or supervisor role.
  • Bachelor's degree, Associate's degree, or alternatively equivalent experience.
  • Industry certifications such as CISSP, CISM, and/or SANS certification a plus.

Knowledge and Skills

  • Strong leadership and team management skills, with the ability to foster collaboration and drive results in cross-functional settings.
  • Excellent problem-solving and analytical skills, with the ability to think critically and respond effectively to security incidents.
  • In-depth knowledge of security technologies, including firewalls, intrusion detection/prevention systems, endpoint protection, email protection, encryption, SIEM and general monitoring technologies, and data loss prevention.
  • Familiarity with security frameworks, IT governance models, and regulatory requirements (e.g., SOX, NERC CIP, etc.).
  • Able to communicate complex security concepts clearly and effectively to both technical and nontechnical stakeholders.
  • Demonstrates strong written and oral communication skills.
  • Understands service design and delivery concepts.
  • Demonstrates solid organizational skills and the ability to multitask, prioritize workload, and delegate responsibilities.
  • Effectively manages stress in a constantly changing environment.
  • Leverages subject matter expertise in security and compliance.
  • Demonstrates excellent judgment and the ability to make quick decisions, thinking outside the box when working with complex situations.
  • Demonstrates a high level of flexibility.
  • Is forward-thinking and possesses business acumen.
  • Possesses a high level of integrity, trustworthiness, and confidence and represents the Company and its management team at the highest level of professionalism.
  • Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulations.
  • Works effectively with a variety of personalities and can adapt his/her approach to effectively reach and develop his/her team. Uses this skill as well as his/her functional knowledge to both earn and maintain a high level of credibility with the team.
  • Highly technical and analytical, with a proven background in IDAM technology design, implementation, and delivery.
  • Experience and understanding of various regulatory requirements and laws such as but not limited to Sarbanes-Oxley (SOX), North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), etc. Additionally, experience in one or more of the following is required: ISO 17799, ITIL, or NIST.
  • Extensive knowledge of SSO, MFA, Active Directory, privileged accounts, and integration application program interface capabilities.
  • Strong analytical skills to translate user project needs into technical solutions.
  • Strong technical background, aptitude, and overall ambition.
  • Strong planning, verbal, writing, and interpersonal skills.
  • Able to effectively communicate with nontechnical management and staff.
  • Effective time management skills.

ABOUT THE ORGANIZATION

About MGE

MGE generates and distributes electricity to 163,000 customers in Dane County, Wisconsin, and purchases and distributes natural gas to 176,000 customers in seven south-central and western Wisconsin counties. MGE is a regulated utility subsidiary of the investor-owned public utility holding company MGE Energy, Inc. MGE's roots in the Madison area date back more than 150 years.

An industry leader, MGE was among the first utilities nationwide to commit to net-zero carbon electricity by 2050, consistent with global climate science. Your community energy company is investing in a more sustainable future for the benefit of all our customers, investors, and employees. As your community energy company, we are committed to this area and its people. We take responsibility to:

Plan and provide a safe, reliable, and cost-effective energy supply that balances the needs and values of those we serve.

Provide information and education to serve our customers and stakeholders and help inform their energy decisions.

Preserve and protect our environment while providing affordable, reliable energy.

Encourage and support economic and business development to keep our economy strong and vibrant.

Engage in open and honest dialogue, partnership, and collaboration to best serve our customers and the broader community.

Our Values

  • Safety: Safety is a core value at MGE. The safety of our employees, customers, and communities is our top priority. Our culture initiatives continuously improve our safety performance. MGE has earned numerous safety awards for this safety performance, including the AGA Leading Indicator Safety Award.
  • Reliability: We invest in our people and in our systems to help ensure top-ranked energy reliability that helps to maintain the economic health and vitality of the communities we serve. MGE is a national leader in electric reliability.
  • Sustainability: With a commitment to transparency, accountability, and continuous improvement, we take a holistic and proactive approach to sustainable practices company-wide.
  • Equity: We are committed to equity and inclusion in our service to our customers, in our workplace, and in our broader community, and we value diverse perspectives, ideas, cultures, and backgrounds.

MGE's parent company is MGE Energy, Inc., a public utility holding company. Its common stock trades on the NASDAQ Stock Market. For more information, visit mge.com and mgeenergy.com.

JOB LOCATION

The position is hybrid, and office days are in downtown Madison, Wisconsin, where MGE is an active participant in community efforts to preserve the area's extraordinary quality of life. We offer free, on-site parking and are located near biking trails and bus stops. Many employees enjoy the use of our many on-site EV charging stations.

If you are interested in applying for this position, click on "Apply Now" below. However, if you are already logged in, click on the "Add To My Jobs" below.

AA/EOE-Minorities/Females/Gender Identity/Sexual Orientation/Disabled/Vets

Applied = 0
MORE JOBS LIKE THIS

(web-7d594f9859-hk764)