Consumers Energy Security Risk Analyst in Lansing|Grand Rapids|Saginaw|Flint|Kalamazoo|Alma|Royal Oak|Battle Creek|Midland|Bay City|Cadillac|Traverse City|Hamilton|Sparta|Livonia|Owosso|Hastings|Norton Shores|Kentwood|West Branch|Big Rapids|Clare|Benzonia|Clinton Township|Fremont|Greenville|Boyne, Michigan
Join a diverse and dynamic team that makes and delivers the most valuable services in the world: electricity and natural gas. At Consumers Energy, our customers are at the heart of everything we do. Our employees work around the clock to provide service to our customers in honor of our history and to fulfill our promise to Michigan - Count on Us! Consumers Energy, the principal subsidiary of CMS Energy and headquartered in Jackson, Michigan, provides natural gas and electricity to nearly 6.8 million of Michigan's 10 million residents in all 68 Lower Peninsula counties.
The Security Risk Analyst is performing risk management activities within the Security Organization.The major responsibilities of this role includes designing
and performing risk assessments, recommending risk treatment, continuously improving Risk Management governance processes, ensuring contracts comply
with Secuirty requirements, and facilitating the planned and unplanned review of Security policies. This role will require the candidate to work with various
stakeholders; including IT and various business units.
Due to the complex nature of cyber and physical security risks, this role requires the ability to think conceptually, communicate effectively, ability to navigate
tough, often politically driven, company issues and negotiate with stakeholders a mutually acceptable outcome.
Work with CE Supply Chain to ensure adherence to Security's contract/vendor review process.
Review new/renewal contracts to ensure Security contract requirements are included as necessary.
When possible, use discretion and when necessary, consult with Security subject matter experts and contract requirement owners to ensure Security
objectives are met for contracts.
Assist in all risk-related activities of Consumers Energy’s Secuirty organization, including, planning, testing, reporting and recommending appropriate
Conduct benchmarking activities in order to understand and model industry best practices
Monitor the legal and regulatory environment for developments that could require changes to Consumers Energy’s established Security policies and
Provide oversight, monitoring and reporting of risk mitigation activities relating to security risk assessments.
Coordinate risk mitigation activities with stakeholders from various internal departments.
Deliver consistent security risk assessments for new or updated business process applications.
Enables business sections to properly assess the risk of the business projects and systematically review them.
Set objectives for & development of new risk management processes, and strategies assuring alignment with overall security policies & goals.
Act as key liason with IT to remediate critical vulnerabilities identified by scans or assessments.
Dictate requirements language for supply chain contracts to ensure proper security coverage.
Responsible for creating, and maintaining Security Policies.
Knowledge of national standards, regulations, technical cyber issues and diverse corporate requirements.
Work with Compliance department to deliver processes.
Responsible for maintaining Security Privacy policies, processes and standards. Monitor and report out on non-compliance.
Requires a bachelor’s degree preferably in an Information Technology field. Less than a bachelor’s degree may be acceptable if accompanied by other
technical training / relevant certifications and extensive experience (internal/external) in positions that demonstrate required abilities and performance.
3+ of combined work experience focused in either information security or business management disciplines.
Member of the Security Risk Management team which ensures risks are properly evaluated, mitigated where possible, and communicated to the appropriate level of
management. Key liason with IT, to analyze and remediate critical risk items identified. Ensure compliance of regulatory, and other key business areas. Governs and
facilitates the adoption of Policies identified in the Security organization.
The IT Business Job Family is utilized in Information Technology. Employees in this job family are focused on business process and capabilities, within IT and
throughout the company. Typically employees in this job family with an internal IT focus work in a strategy and governance capacity. Other employees perform
a liaison function focused on relationship building, IT processes and utility business knowledge to plan for IT investments that enable business process and
Nature of Work
Duties include Business support to an organization's employees and train non-technical workers on the business's information equipment and systems.
Assesses the effectiveness of technology resources already in use or new systems/equipment that are being implemented. Determines the practicality of
changes and modification of systems. Works with external partners, including consultants and vendors, to arrive at the most appropriate system or integration
of multiple systems. Stays up-to-date on emerging technologies and the potential effectiveness of these advancements in their current system.
Works closely with department managers, co-workers, and peers to define and analyze business and operational problems, process improvement
opportunities and requirements; analyzes operational and business mandates and legal requirements; identifies and analyzes complex, ambiguous and/or
conflicting business process issues; advises department leaders on technology related projects; explains technology and process options and assists
managers in analysis and decision making; analyzes management information needs and recommends data and reporting processes; coordinates the
development of department priorities and works within IT to align initiatives to these priorities; facilitates user meetings and joint development sessions.
Develops and refines business models and relationship diagrams; evaluates methods of improving efficiency and cost effectiveness of business, technical
and operational processes; works with users to reengineer work processes; analyzes functional business requirements and translates user expectations into
detailed business requirements, specifications and success criteria; works with Information Systems to develop conceptual proposals for business process
automation initiatives; recommends work process and/or operational changes to complement system functionalities; serves as an advocate for department
needs with IT; stays abreast of developments in departmental processes to anticipate emerging technology needs. Participates in the development of
statements of work for RFPs/RFIs; participates in evaluating vendor applications and solutions; coordinates department review of vendor deliverables for
accuracy and completeness, ensuring that department needs and requirements have been met. Develops significant application/hardware solutions to
problems and addresses change request issues that require assignment of resources. Analyzes and troubleshoots complex applications problems and
errors; takes action or communicates solutions to problems; answers technical questions and provides guidance to users on system functionalities and
methods for correcting problems. Develops training materials and handouts; conducts user applications training classes and one-on-one training sessions;
develops and maintains user documentation. Designs and generates custom reports to meet user needs; uses reporting tools to extract user-required data.
Plans and coordinates the deployment of new technologies for client solutions; coordinates user acceptance testing and the resolution of problems identified.
Regular attendance is expected.
Hours and Travel
Meet travel requirements of the position. Work a flexible schedule, which may include evenings, weekends, holidays and overtime.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job,
the employee is regularly required to sit, stand, walk, stoop, kneel, crouch, crawl, and use hands to finger, handle, or feel objects. The employee frequently is
required to talk or hear. The employee must lift and move up to twenty pounds. Specific vision abilities required by this job include close vision, color vision,
depth perception, and the ability to adjust focus. The work environment characteristics described here are representative of those an employee encounters
while performing the essential functions of this job. The noise level in the work environment is usually moderate
Position will be filled at the appropriate salary grade based upon the skills, knowledge, and experience of the selected candidate.
All qualified applicants will not be discriminated against and will receive consideration for employment without regard to protected veteran status, disability, race, color, religion, sex, sexual orientation, gender identity or national origin.