Cybersecurity Senior Analyst GRC Policy and Compliance

Apply now »

Date: Apr 16, 2026

Location: Houston, TX, US, 77002

Company: CenterPoint Energy

CenterPoint Energy and its predecessor companies have been in business for more than 150 years. 

 

Our Vision: Our vision is to become the most admired utility in the United States through the execution of our long-term growth strategy. We have an unwavering commitment to safely and reliably deliver electricity and natural gas to millions of people. 

 

Our Commitment: CenterPoint Energy is committed to creating an inclusive work environment where business results are achieved through the skills, abilities and talents of our diverse workforce.

At CenterPoint Energy, individuals are respected for their contributions toward our company objectives. We strive for an inclusive work environment across all levels that is reflective of the available workforce in the communities we serve. 

 

Job Summary

As the Senior Cybersecurity Analyst, GRC, you will be an integral member of the Governance, Risk and Compliance team within the Cybersecurity Department. The Senior Cybersecurity Analyst is primarily responsible for development and maturity of the elements of the GRC function including the following activities:

Essential Functions:

  • Develop and maintain cybersecurity policies and standards working closely with other peers and managers within cyber, IT and across the business  
  • Provide high quality cybersecurity policy and standards consultation to CenterPoint Energy business leaders   
  • Design, implement, and operationalize the Policy Lifecycle Management program in ServiceNow  
  • Develop and maintain core Governance, risk and compliance artifacts, including GRC program charter, cybersecurity service catalog and related documentation
  • Provide subject matter expertise on common control frameworks and lead efforts to create, improve, and monitor cybersecurity controls. 
  • Develop and maintain standards and SOPs standard operating procedures for third party risk management, solution risk assessments, exception management, and other GRC processes  
  • Lead the integration of common controls into ServiceNow IRM, including mapping authoritative documents to citations, aligning citations to control objectives, and developing clear, risk‑aligned control statements and risk statements.  
  • Conduct detailed gap analyses between NIST frameworks such as NIST CSF, NIST 800‑53 and CNP’s cybersecurity policies and standards, identify control gaps, recommend remediation actions, and partner with control owners to align enterprise cybersecurity policies with industry frameworks.  
  • Serve as the subject‑matter expert for NIST frameworks, advising Cyber leadership on alignment, gaps, and required updates to policies and standards.  
  • Develop and maintain a NIST‑to‑CNP mapping library to support audits, assessments, and future regulatory alignment.  
  • Lead cybersecurity projects and initiatives, including project planning, stakeholder engagement, and progress reporting to leadership.  
  • Leverage and expand ServiceNow GRC capabilities to automate workflows, improve data quality, and enhance reporting

Basic Qualifications

  • Strong understanding of information security risk management methodologies, third party risk management, and solution risk assessments
  • ServiceNow GRC experience strongly preferred
  • Promotes productivity and teamwork in assigned area with open communication, timely decision making, and use of personal leadership skills to set high standards of performance while providing the direction necessary to achieve that performance.
  • Develop Trusted Advisor relationship with business leaders to understand business and technical risks
  • Identification of new or emerging risks and develop mitigation plans.
  • Provide technical leadership and GRC subject matter expertise around use of technologies and business initiatives.
  • Driven, energetic, team player with exceptional written and verbal communication skills with the ability to create clear, concise, and executiveready documentation.
  • Superior customer service and interpersonal skills to effectively relate to end user experience and needs; ability to build working relationships and promote information-sharing.  Possess a high degree of originality, creativity, initiative requiring minimal supervision.
  • Proficiency with Microsoft Office (Word, PowerPoint, and Excel) and performing data analysis.
  • Able to assess complex technologies and vendor risks/issues that require sophisticated analytical or problem-solving techniques to identify cause
  • Able to provide professional input to complex assignments/projects as well as direction to more junior professionals 
  • Able to adapt to change, and sometimes competing priorities
  • Able to prioritize and schedule tasks, pay attention to detail, and demonstrate good organizational skills.
  • Able to proactively follow up on action items and outstanding tasks

Education Description

Bachelor’s Degree in a business or technical discipline from an accredited college or university is required.

Experience

  • A minimum of 5 years’ experience in cybersecurity, Governance, Risk and Compliance, security auditing, or relevant IT role working with cybersecurity concepts and tools is required.
  • Experience in data processing and analytics preferred.
  • CISSP, CRISC, or other relevant cybersecurity certifications preferred.
  • In-depth knowledge and experience in technology risk assessments and information security risk management preferred.
  • Demonstrated program and project management planning/execution skills
  • Experience working with common information security standards, such as NIST Cybersecurity Framework (NIST) preferred and a plus

Physical Requirements

    Working Conditions

       

      We want you to know
      Being a part of the CenterPoint Energy team is more than a career alone. It's an opportunity to make a positive impact. You will be an integral part of enabling everyday life and the pursuit of possibilities for the customers we serve and the communities we share. The vital services we provide are at the core of making our world work, and by sharing your energy with us, we'll create a better tomorrow together. 
       

      What we bring to you

      • Competitive pay
      • Paid training
      • Benefits eligibility begins on your first day
      • Transit subsidies
      • Flexible work schedule, paid holidays and paid time off
      • Access to discounts at fitness clubs and an on-site wellness center at our headquarters in Houston
      • Professional growth and development programs including tuition reimbursement
      • 401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contribution

       

      Job Type: Full Time 
      Posting Start Date: 04/08/2026​
      Posting End Date: 04/24/2026


      This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability.

      #LI-CNP


      Nearest Major Market: Houston