Job Specifications

Information Security Architect serves as a key member of the Black Hills Security team. The Information Security Architect provides thought leadership and expertise in information security system design to safeguard the Black Hills corporate network infrastructure and data as well as various industrial control system infrastructures included in the Gas and Electric utility industry.

The Information Security Architect will evaluate the existing information security strategy and program and apply these strategies to existing and prospective technology projects with responsibilities including the development/refinement of strategy, policy, regulatory compliance, risk identification and mitigation, security architecture and standards.

The Information Security Architect will provide security expertise to new IT projects, will identify applicable security controls, determine functional and non-functional security requirements, and identify design solutions that meet business objectives while meeting security standards. In addition, this person will implement and maintain systems and processes that protect business and client information.

SALARY / GRADE: 16 (Determined by the knowledge, skills, and abilities of the applicant.)

• Level II: $92,500 - $152,450 / Grade 17
• Senior: $100,650 - $166,050 / Grade 18

REPORTING RELATIONSHIP: Manager of Corporate and IT Security

LOCATION: Rapid City, SD

ESSENTIAL JOB FUNCTIONS:

• Design and document security solutions in compliance with the existing enterprise-wide information security strategy and policies. Including LAN, WAN, VPNs, firewalls, routers, and other related security solutions and functionality.
• Review existing architecture, identify design gaps, and recommend security enhancements.
• Serve as information security subject matter expert, trusted advisor; provide advisory and consulting services as needed to various department and project teams.
• Meet with project teams, architects, and other subject matter experts to develop system designs and project plans that include the appropriate security controls to meet security standards and regulations.
• Proactively review and analyze new or proposed business applications to evaluate appropriate security capabilities, assessing their risk and their value in support of corporate goals and security strategy.
• Understand current as well as emerging security threats and design security architecture to mitigate threats where possible.
• Conduct security reviews of vendor proposals, conduct process analysis, review information security architectures, and recommend modifications to the information security operation to evaluate risk, reduce costs, or improve service.
• Stay abreast of new security technologies and integrate into security architecture design when appropriate.
• Maintain an awareness of existing and proposed security standard setting groups as well as State and Federal legislation and regulations pertaining to information security.

ADDITIONAL RESPONSIBILITIES:

• Other duties as assigned.

QUALIFICATIONS:

Level II:

• Minimum of three (3) years of Information Security experience in a role as a security analyst, security engineer or security architect is required.
• Minimum of bachelor's degree in information technology, Computer Science, Information Assurance, or related technical field is required.
• Required: Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc.

Senior:

• Minimum of five (5) years of Information Security experience in a role as a security analyst, security engineer or security architect is required.
• Minimum of bachelor's degree in information technology, Computer Science, Information Assurance, or related technical field is required.
• Required: Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc.

KNOWLEDGE/SKILLS/ABILITIES:

• Strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
• Understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Mobile BYOD as well as the associated security risks.
• Working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, ITIL, COBIT, CIS Top 20 and NIST
• Operating knowledge cyber security theory and practice as promoted by numerous security standards and certification entities desired.
• Understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics and malware analysis; security incident response.
• Knowledge of physical and/or cyber security architecture.
• Experience with various Information Security technologies, including firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.)
• Excellent organizational skills with attention to details, accuracy and timeliness.
• Excellent communication skills Work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems.
• Handle confidential and proprietary information with discretion.
• Ability to lead and mentor coworkers in security and job-related functions.
• Able to work independently, handle multiple projects simultaneously, assist with coordinating a variety of work functions and the ability to adapt to critical timelines.
• Ability to troubleshoot system and maintenance problems.

This description is not intended to be an all-inclusive list of responsibilities, duties, and requirements for employees in this position. Job descriptions may and do change periodically. Where positions are covered by a collective bargaining unit agreement, the terms and conditions of the agreement will apply.

About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas).

Enjoy our Comprehensive Benefits Package! Annual discretionary bonuses, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, generous paid time off benefits, including paid holidays and parental leave, company paid life insurance and disability benefits (short and long term), an employee assistance program and well-being benefits, and competitive medical, dental and vision insurance.

Candidates must successfully pass a pre-employment drug screen and background check.

Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran. If you require reasonable accommodation, please visit for more information.