Principal Information Security Strategist

Principal Information Security Strategist

Join to apply for the Principal Information Security Strategist role at Southwest Power Pool
.

Southwest Power Pool (SPP) is about more than power. We’re about the power of relationships and ensuring reliable, affordable electricity for millions of people. We believe in supporting employees through a fantastic benefits package and a culture that values doing the right thing.

• Competitive pay with bonus opportunities
• Excellent insurance package including three great medical plans, employer‑paid short‑term disability, long‑term disability, and life insurance
• Relocation assistance
• Flexible working environment: work from home when eligible and collaborate in person when needed
• 401(k) savings plan with employer match and a defined benefit plan fully funded by SPP

Principal Information Security Strategist | Pay Range: $ - $

• Define and implement long‑term cybersecurity strategies aligned with business objectives, such as zero‑trust.
• Design and lead implementation of security controls and solutions to protect enterprise systems and applications.
• Collaborate with IT and architecture teams to ensure infrastructure and application security meet organizational standards.
• Evaluate and recommend new technologies and tools that enhance cyber resilience.
• Identify security threats and vulnerabilities, assess risk, and develop mitigation strategies.
• Ensure compliance with internal policies and regulatory requirements.
• Review IT projects and system designs for adherence to security standards.
• Maintain up-to-date knowledge of evolving cyber threats, tools, and best practices.
• Provide mentorship, technical guidance, and knowledge transfer to IT teams.
• Represent the organization in technical committees, working groups, and industry collaborations.

• Bachelor’s degree in Information Technology or a related field (or equivalent experience).

• 12+ years of applicable IT experience in systems architecture, design, development, and deployment.
• Strong knowledge of network security, cloud platforms, application security, and zero‑trust principles.
• Strong leadership skills.
• Expert written and oral communication skills.
• Knowledge of security architecture evaluation principles, practices, and guidelines.
• Expert analytical and problem‑solving abilities.
• Ability to grasp the concepts of compliance with SPP policies and procedures.

• Certifications such as CISSP, ISSAP/ISSMP, CRISC, and SANS.
• Familiarity with frameworks: NIST, ISO
  27000.
• Familiarity with compliance and regulatory frameworks: NERC CIP Standards, SOC
  1.

Professional office environment. Standard office equipment used. Duties include making decisions, interpreting data, and problem‑solving; standing or sitting for extended periods; occasional lifting up to 10 lbs. Requires collaboration with managers and employees at all levels.

Full‑time, hybrid onsite position based in Little Rock, Arkansas (Central Arkansas). Monday‑Friday 8 a.m.–5 p.m., with occasional extended hours as needed.

Approximately 10% minimal travel.

SPP is an affirmative action and equal opportunity employer of individuals with disabilities and protected veterans. If you need a reasonable accommodation for any part of the employment process, please contact us at HR.