Senior Manager Cyber Risk & Governance

Job Summary

Senior Manager Cyber Risk & Governance leads Alliant Energy’s cybersecurity governance, cyber risk management, vendor cyber risk, and security awareness programs while representing the cyber component of the enterprise privacy program. The role contributes to the NIST Cybersecurity Framework (CSF) 2.0 ‘Govern’ function, chairs cybersecurity councils, and ensures alignment with enterprise risk management strategies and regulatory requirements. It is accountable for policy and standards development, cyber risk quantification, financial impact modeling, and leading governance initiatives and internal change management.

• Develop and maintain cybersecurity policies, standards, and governance frameworks, ensuring compliance with regulatory and internal governance requirements.
• Oversee governance, risk, and compliance processes, including maintaining the cybersecurity risk register and influencing system design to meet program objectives.
• Define and monitor KRIs and KPIs for cyber governance and risk programs.
• Represent cybersecurity in enterprise privacy initiatives to ensure alignment with governance and regulatory requirements.
• Manage third‑party/vendor cybersecurity risk and drive security awareness strategies to reduce human risk.
• Lead integration of IT and OT cybersecurity governance frameworks, ensuring alignment with operational technology risk management and regulatory standards.
• Collaborate with Finance and ERM to quantify financial impacts of cyber risks and integrate cost modelling into risk scoring and executive reporting.
• Establish governance for emerging technologies, including AI/ML, ensuring compliance with enterprise risk appetite and regulatory guidance.
• Lead collaboration with the Cyber Transformation Office to support change management strategies, stakeholder engagement, and adoption of governance frameworks.

• Master’s or advanced degree in Computer Science, Engineering, Information Technology, STEM or related field (Preferred).
• 10 years of experience in cyber security governance, risk management or related field.
• 4 years of supervisory experience.
• Experience with GRC platforms, vendor risk tools, and privacy management systems.
• Certifications:
  
  CISSP, CISM, or CIPP/US (Preferred).

• Access Control Management
• Application Security
• Cybersecurity Risk Management
• Identity Access Management
• Incident Management
• Information Security Risk Management
• IT Security Management
• Network Security Management
• NIST Cyber Security Framework (CSF)
• Security Governance
• Threat Modeling
• Vulnerability Management

Competitive compensation and benefits including a pay range of $146,000 to $200,000, eligibility for an annual incentive program, and comprehensive health, retirement and other benefit programs.

Alliant Energy and its subsidiaries are committed to creating a culture of belonging and are proud to be an Equal Opportunity Employer. All candidates are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other basis prohibited by law. All employees are required to complete a background check and, where applicable, a drug screen.