Share this Job

Security Findings Management Lead Job

Date: Jan 5, 2019

Location: MN - Minneapolis, US, 55401

Company: Xcel Energy

Location(s): MN - Minneapolis


Are you looking for an exciting job where you can put your skills, talents and education to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow?  A professional position at Xcel Energy could be just what you’re looking for.



Position Summary

Designs and executes critical aspects of the Enterprise Security Findings Management function. Develops, recommends and implements controls and cost-effective approaches to minimize the organization's risks effects. Partners with the business and technology teams to promote understanding of the business landscape in order to facilitate security risk-based discussions. Collaborates with executive and technical leadership to embed a security-focused mindset in all areas. 


Essential Responsibilities

  • Analyzes organizational security findings, interactions, develop and publish security findings handbook, and procedures for implementation ensuring alignment with appropriate standards and frameworks.
  • Manage and execute finding management, reporting, and monitoring processes. Interprets internal or external business issues and recommends solutions / best practices. Solves complex problems; takes a broad perspective to identify solutions.
  • Analyzes external market dynamics and other data sources to assess trends and develop actionable insights and recommendations to management, via understanding of the business model and the information available for analysis. Assist in coordinating the security risk within the context of the security risk model.
  • Assesses and communicates information regarding findings with functions across the organization. Builds and maintains relationships with business partners, including understanding their specific risk landscape. Uses professional knowledge, skills, and experience to influence and guide, monitor, and credibly challenge business areas as they manage their findings and make risk based decisions.
  • Management and Oversight of the RSA-Archer Security Findings Management Module.
  • Management and Oversight of ESS relationship with Audit Services, External Audit, and other Regulatory Bodies.
  • Develops presentations appropriate for senior level audiences and external regulators. May mentor and give work direction to less experienced colleagues.


Minimum Requirements

  • Bachelor’s degree or higher in an IT business, or risk management related field.
  • Minimum of 8 years of experience working in security (physical or cyber). 3 years of experience with security risk assessments, audit or control testing.
  • Experience and expertise in security and lifecycle management, auditing methodology, and technology risk assessments.
  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
  • Ability to document and explain risks and vulnerabilities to both business and technical stakeholders.
  • Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
  • Solid understanding of information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, FISMA, BITS etc.).
  • Strong business acumen with the proven ability to bridge the gap between business and technology.





As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you’re ready to be a part of something big, we invite you to join our team.


Posting Notes:  MN - Minneapolis || MN - Minneapolis || United States (US) || Customer And Innovation || 70080:Security Governance & Risk Svc || Full-Time || Non-Bargaining ||

Requisition Number: 16685

Equal Opportunity Employer: Minority/Female/Disability/Veteran

Individuals with a disability who need an accommodation to apply please contact us at

Nearest Major Market: Minneapolis

Job Segment: Risk Management, Manager, Law, Finance, Management, Security, Legal, Energy