We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Senior Information Security Architect

Black Hills Energy
life insurance, vision insurance, parental leave, paid time off, paid holidays, tuition reimbursement, 401(k), relocation assistance
United States, South Dakota, Rapid City
Oct 10, 2025

Job Specifications

Black Hills Energy is people powered and purpose driven. Our team uses the power of energy to improve life for over one million customers in 800+ communities across the West and Midwest. We seek talented, caring people who embody our core values and contribute to a culture of inclusion and growth. As an organization, we believe the best part of working on our team is our commitment to making tomorrow better than today-for our customers, communities and each other.

Position summary:

The Senior Information Security Architect is a strategic leader within the Black Hills Energy Enterprise Security team, responsible for shaping and advancing the organization's security posture. This role provides expert-level guidance and thought leadership across a broad range of cybersecurity domains to protect both corporate IT infrastructure and critical industrial control systems (ICS) supporting the Gas and Electric utility sectors. The Senior Information Security Architect will work as an individual and in a multi-disciplinary team environment to lead design, development, and continuous improvement of the enterprise security architecture, ensuring alignment with business objectives and regulatory requirements. Additionally, the Senior Information Security Architect will evaluate/enhance existing security strategy, policies, and frameworks to address evolving threats and compliance obligations. The Senior Information Security Architect will evaluate the existing information security strategy and program, with responsibilities including the development/refinement of strategy, policy, regulatory compliance, risk identification and mitigation, security architecture and standards. The Senior Information Security Architect will act in an internal consultant role and will analyze, recommend, develop, implement and maintain systems and processes that protect business and client information.

Pay Range: $103,150 - $170,200 (This posting includes the full pay range for this position. Pay is based on a number of factors and may vary depending on job-related knowledge, skills, experience, and internal equity.)

Reporting Relationship: Senior Manager Cybersecurity

Location: Rapid City, SD

Relocation Assistance: Relocation assistance is available based on individual circumstances! Details to be shared during the offer process.

Essential Functions:
* Manage the development, documentation, implementation, and communication of enterprise-wide information security strategies, cybersecurity capabilities, practices, and policies.
* In conjunction with the Enterprise Architecture team, lead and/or manage multi-disciplinary team reviews of existing architecture, identify design gaps, and recommend security enhancements and collaborate with stakeholders to align security with business goals.
* In conjunction with the Enterprise Architecture team, lead and/or manage multi-disciplinary team reviews of new products, business applications, and/or vendors to identify security design gaps to evaluate appropriate security capabilities, assessing their risk and their value in support of corporate goals and oval security strategy.
* Conduct individual, independent security reviews of vendor proposals, review security architectures and recommend modifications to the information security operation to evaluate risk reduce costs or improve service.
* Serve as information security subject matter expert, trusted advisor/inside consultant; provide advisory and consulting services as needed to various department and project teams.
* Collaborate cross-functionally with IT, engineering, compliance, and business stakeholders to integrate security into enterprise initiatives and technology roadmaps.
* Understand current as well as emerging security threats and design security architecture to mitigate threats where possible
* Stay current with emerging technologies, threat landscapes, and industry trends to proactively guide security investments and innovation.
* Assist multi-disciplinary incident response team in response to current or potential threats, incidents.
* Lead and/or participate in security risk assessments using NIST based risk methodology.
* Prepare specific security status reports by developing, collecting, analyzing, and summarizing security related data and trends.
* Present specific security status reports to various levels of management, including Senior Management Team.
* Identify and develop regular and emergency security-related communications as needed.
* Actively promote security and risk related campaigns for information security awareness among all staff.
* Maintain an operational understanding of existing and proposed security standards as well as State and Federal legislation and regulations pertaining to information security.
* Conduct risk assessments, threat modeling, and gap analyses to identify vulnerabilities and recommend effective mitigation strategies.

Additional Responsibilities:
* Identify, track and report information security metrics on a monthly basis. Design and provide metrics reports for various audiences including IT staff, IT leadership, Senior Management and the Board of Directors.
* Acts as information security liaison with all levels of the IT organization and with the lines of business and other internal departments and organizations.
* Participate as part of the contract review team for those contracts with IT or IT security implications. Make recommendations for standard contract language related to security functions and/or requirements.

What Is Required:
* Bachelor's Degree Minimum of Bachelor's Degree in Information Technology, Computer Science, Information Assurance or related technical field
* Minimum of 5 years of Information Security experience
* Minimum of 5 years of experience in a Security Analyst, Security Engineer or Security Architect role
* Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc
* Must have a strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
* Must have a strong understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Mobile BYOD as well as the associated security risks.
* Must have a solid working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, SANS, ITIL, COBIT, and NIST.
* Must have a strong knowledge cyber security theory and practice as promoted by numerous security standards and certification entities.
* Must have a strong understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics, malware analysis; and security incident response.
* Experience with various Information Security technologies, including: firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.)
* Excellent organizational skills with attention to details, accuracy and timeliness.
* Good presentation skills and able to conduct user training for all security applications.
* Work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems.
* Handle confidential and proprietary information with discretion.
* Able to work independently, handle multiple projects simultaneously, lead a varied team in a variety of security related work functions and the ability to adapt to critical timelines.
* This role will be required to travel up to 10% of the time.

What Is Desired:
* Experience in a converged cyber and Physical Security department
* Experience in business/industry (beyond IT), and experience in business beyond the electric and gas utility space
* Experience managing cross-functional teams or projects, and influencing senior-level management and key stakeholders
* ITIL, PMI
* Knowledge of physical security controls and concepts desired
* Project Management fundamentals desired.
* Ability to lead and mentor coworkers in security and job-related functions.

This description is not intended to be an all-inclusive list of responsibilities, duties, and requirements for employees in this position. Job descriptions may and do change periodically. Where positions are covered by a collective bargaining unit agreement, the terms and conditions of the agreement will apply.

About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas).

Enjoy our Comprehensive Benefits Package! Annual discretionary bonuses, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, generous paid time off benefits, including paid holidays and parental leave, company paid life insurance and disability benefits (short and long term), an employee assistance program and well-being benefits, and competitive medical, dental and vision insurance.

Candidates must successfully pass a pre-employment drug screen and background check. If there is anything that may show up in these reports that may conflict with the position requirements, feel free to contact the Black Hills Energy recruiting team at jobs@blackhillscorp.com.

Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran. If you require reasonable accommodation, please visit careers.blackhillsenergy.com for more information.

Applied = 0

(web-675dddd98f-zqw5m)