Security Engineer - Exposure Management

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you're looking for.

Role Summary

The Security Engineer - Exposure Management is responsible for building and maturing the attack surface management capability with a focus on answering where the organization is most exposed and what the actual risk is. This role owns external visibility, correlates external exposure to internal systems and accountable owners, and provides clear, actionable risk insight to stakeholders. The role operates in an advisory capacity and drives informed remediation through visibility, analysis, and communication, not direct system changes.

Primary Objectives

* Establish and maintain authoritative visibility of externally exposed assets across domains, IP space, applications, and services.

* Correlate external exposure to internal systems and accountable owners, including complex non-1:1 relationships.

* Answer where risk exists and what exposure means in practical terms to the business.

* Build workflows to manage external findings with minimal manual effort using integration and automation.

* Improve coverage, mapping accuracy, and data quality to reduce unknown external exposure.

Responsibilities

* Build and operate the attack surface management capability, including processes, integrations, and workflows.

* Maintain visibility into externally exposed assets including domains, IPs, web applications, APIs, certificates, load balancers, and DMZ services.

* Correlate external findings to internal systems and ownership across complex, indirect relationships.

* Coordinate with threat intelligence, network, firewall, DNS, and load balancing teams to validate exposure and ownership.

* Develop and maintain integrations to support discovery, enrichment, and correlation of external assets.

* Drive routing accuracy by ensuring findings map to the correct owners and identifying ownership gaps.

* Identify and resolve data quality issues impacting visibility, coverage, and correlation.

* Integrate findings into Service Now workflows where applicable to support routing and tracking.

* Reduce manual effort by standardizing and automating repeatable processes.

* Analyze exposure and vulnerability data in context to determine actual risk beyond tool-based severity.

* Communicate complex technical risk clearly to non-technical stakeholders with actionable recommendations.

* Document processes, playbooks, and operational standards to sustain the capability.

Required Qualifications

* Minimum 5 years of experience in information security.

* Minimum 3 years of hands-on experience in enterprise vulnerability management, exposure management, or network security.

* Strong understanding of networking fundamentals including firewalls, ACLs, routing, load balancing, and externally exposed architectures.

* Strong understanding of DNS, web infrastructure, certificates, and DMZ environments.

* Understanding of infrastructure vulnerability assessment and discovery scanning concepts.

* Basic understanding of cloud-hosted and externally exposed services.

* Basic understanding of web applications and externally facing service risk.

* Strong experience correlating external data to internal systems and ownership across inconsistent datasets.

* Strong analytical and complex technical problem-solving skills.

* Ability to assess and communicate risk beyond tool-generated severity using context.

* Experience working with CMDB or similar systems for asset and ownership tracking.

* Ability to operate independently in a greenfield program environment.

Preferred Qualifications

* Experience integrating external exposure data into Service Now workflows for routing and tracking.

* Experience improving data quality, deduplication, and correlation across multiple data sources.

* Experience working with externally exposed enterprise environments and perimeter infrastructure.

* Experience automating data collection, normalization, or correlation using scripting or APIs.

Certifications

* Sec+ required.

* Higher-level security or risk-related certifications preferred.

Work Location

Hybrid role requiring three days per week in the office. Must be located within Xcel Energy territory and reasonably close to an Xcel Energy facility. Denver, Colorado and Minnesota areas preferred.

As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you're ready to be a part of something big, we invite you to join our team.

All qualified applicants will receive consideration for employment without regard to age, race,…