Manager Cyber Security and Compliance

CenterPoint Energy and its predecessor companies have been in business for more than 150 years. 

Our Vision: Our vision is to become the most admired utility in the United States through the execution of our long-term growth strategy. We have an unwavering commitment to safely and reliably deliver electricity and natural gas to millions of people. 

Our Commitment: CenterPoint Energy is committed to creating an inclusive work environment where business results are achieved through the skills, abilities and talents of our diverse workforce.

At CenterPoint Energy, individuals are respected for their contributions toward our company objectives. We strive for an inclusive work environment across all levels that is reflective of the available workforce in the communities we serve. 

Summary:

The Cybersecurity Risk & Compliance Manager at CenterPoint Energy leads a team of analysts responsible for conducting risk assessments across technology systems, third-party vendors, and policy exceptions. This role ensures that cybersecurity risk management practices align with the NIST Cybersecurity Framework (CSF) 2.0 and support the company’s broader enterprise risk and compliance objectives. The manager will collaborate with internal stakeholders across IT, Legal, Procurement, and Audit to maintain a strong, risk-aware culture and ensure compliance with regulatory and industry standards.

Essential Duties:

Risk and Compliance Oversight

• Lead and mentor a team of cybersecurity risk analysts in performing risk assessments on internal systems, third-party vendors, and policy exception requests. 
• Maintain and evolve the cybersecurity risk management program in alignment with NIST CSF 2.0. 
• Oversee the development and maintenance of risk registers, mitigation plans, and risk treatment strategies. 
• Coordinate third-party risk assessments using standardized tools (e.g., SIG, CAIQ) and ensure timely remediation of findings. 
• Collaborate with Legal and Procurement to review cybersecurity and privacy clauses in contracts. 
• Support internal and external audits, including evidence collection and remediation tracking. 
• Develop and deliver risk and compliance metrics to senior leadership and governance committees. 
• Ensure compliance with applicable regulations and internal policies. 
• Promote cybersecurity awareness and training initiatives across the organization.

Personnel Management

• Manage geographically disperse direct reports, including performance appraisals, coaching, hiring, and development planning.
• Establish work schedules, administer attendance, and authorize overtime as needed.
• Promote a culture of safety, accountability, and continuous learning.
• Support the development of technical, leadership, and business skills to ensure team success in a competitive environment.

Financial Management

• Prepare and manage the department’s annual budget in alignment with strategic goals.
• Monitor expenditures, report on budget performance, and initiate corrective actions for variances.
• Develop business cases to justify resource allocation for projects and initiatives.
• Provide accurate forecasting and variance analysis to leadership.

Education & Certifications

• Bachelor’s degree in Cybersecurity, Information Systems, Risk Management, or a related field required.
• Professional certifications such as CISSP, CISM, CRISC, or CISA preferred.

Experience

• 5+ years of experience in cybersecurity, with at least 3 years in a risk or compliance-focused role.  2+ years of experience in a leadership role preferred.
• Demonstrated experience leading or conducting risk assessments and managing third-party risk.
• Familiarity with NIST CSF 2.0 and other regulatory frameworks (e.g., ISO 27001, PCI DSS, HIPAA).
• Experience with GRC platforms (e.g., OneTrust, Archer, ServiceNow) is a plus.
• Strong analytical and problem-solving skills with a risk-based mindset.
• Excellent communication skills, capable of translating technical risk into business impact.
• Proven ability to manage multiple priorities and lead cross-functional initiatives.
• High attention to detail and strong documentation practices.

We want you to know
Being a part of the CenterPoint Energy team is more than a career alone. It's an opportunity to make a positive impact. You will be an integral part of enabling everyday life and the pursuit of possibilities for the customers we serve and the communities we share. The vital services we provide are at the core of making our world work, and by sharing your energy with us, we'll create a better tomorrow together. 
 

What we bring to you

• Competitive pay
• Paid training
• Benefits eligibility begins on your first day
• Transit subsidies
• Flexible work schedule, paid holidays and paid time off
• Access to discounts at fitness clubs and an on-site wellness center at our headquarters in Houston
• Professional growth and development programs including tuition reimbursement
• 401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contribution

Job Type: Full Time 
Posting Start Date: 07/29/2025​
Posting End Date: 08/15/2025

This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability.

#LI-CNP