Manager, Cyber Threat and Vulnerability Management

Manager, Cyber Threat and Vulnerability Management CenterPoint Energy and its predecessor companies have been in business for more than 150 years. Our Vision: Our vision is to become the most admired utility in the United States through the execution of our long-term growth strategy. We have an unwavering commitment to safely and reliably deliver electricity and natural gas to millions of people. Our Commitment: CenterPoint Energy is committed to creating an inclusive work environment where business results are achieved through the skills, abilities and talents of our diverse workforce. The Manager of Threat and Vulnerability Management will play a critical role in overseeing the identification, assessment, and mitigation of security vulnerabilities and threats within the corporate environment. This individual will lead a team of security professionals responsible for proactive vulnerability assessments, risk analysis, and ensuring the timely remediation of identified vulnerabilities. Reporting to the Director of Cyber Security Operations, the Manager will work with cross-functional teams to develop and implement strategies and processes to enhance the utility's security posture, ensuring the protection of sensitive infrastructure, data, and operations from cyber threats. Essential Functions Lead and manage a team of threat and vulnerability analysts, providing guidance, mentorship, and career development. Establish performance metrics and objectives for the team. Oversee the enterprise's cyber vulnerability management program, including the identification, classification, and prioritization of vulnerabilities across the organization's critical infrastructure and systems. Develop and implement strategies for reducing cyber risks. Perform and coordinate risk assessments to identify and evaluate cyber vulnerabilities and develop effective remediation plans. Work closely with internal teams and stakeholders to ensure timely resolution of high-risk vulnerabilities and threats. Support cyber incident response efforts by providing analysis and insights on vulnerabilities and threat vectors. Collaborate with the security operations center (SOC), IT teams, and other relevant departments during security incident investigations and response efforts. Ensure that cyber threat and vulnerability management practices align with industry standards, regulations, and internal security policies. Prepare regular reports and dashboards on threat landscape, vulnerability posture, and remediation progress for executive leadership. Evaluate and improve existing tools, processes, and workflows related to threat and vulnerability management. Stay current with industry best practices, emerging threats, and evolving technologies. Education Description Bachelor's degree in Computer Science, Information Security, or a related field. A Master's degree is a plus. Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are highly preferred. Experience Minimum of 5 years of experience in cyber security, with at least 3 years in a management or leadership role within a large enterprise or critical infrastructure environment. Proven experience in managing cyber vulnerability management programs, threat analysis, and incident response in a large enterprise or critical infrastructure environment. Strong understanding of security frameworks (NIST, ISO, etc.) In-depth knowledge of risk management practices, vulnerability assessment tools, and threat intelligence platforms. Strong leadership and people management skills, with the ability to mentor and motivate a team. Exceptional problem-solving, analytical, and decision-making skills. Proficiency with cyber vulnerability management tools (e.g., Rapid7) and SIEM platforms (e.g., Splunk). Familiarity with operational technology (OT) security and challenges within the utility sector is a plus. Excellent communication skills, both written and verbal, with the ability to present complex information to non-technical stakeholders. Ability to manage multiple priorities in a fast-paced, high-pressure environment. Strong understanding of cyber security threats and vulnerabilities specific to electric and gas utilities, industrial control systems (ICS), and critical infrastructure. Physical Requirements Working Conditions What we bring to you Competitive pay Paid training Benefits eligibility begins on your first day Flexible work schedule, paid holidays and paid time off Access to discounts at fitness clubs and an on-site wellness center at our headquarters in Houston Professional growth and development programs including tuition reimbursement 401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contribution Job Type: Full TimePosting Start Date: 12/19/2024Posting End Date: 12/31/2024 #J-18808-Ljbffr

Created: 2025-02-01