IT Portfolio Lead – OT Regulatory Compliance

Xcel Energy•Minneapolis, MN

7d•$97,600 - $138,600•Onsite

About The Position

The IT Portfolio Lead - OT Regulatory Compliance within Enterprise Security Services (ESS) is responsible for the governance, oversight, and execution of compliance programs supporting Operational Technology (OT) environments, with a focus on NERC CIP and TSA security directives. This role establishes and maintains a systematic approach to managing regulatory obligations, including internal controls, audit readiness, evidence management, and continuous compliance monitoring across Technology and Security Services supported systems and programs. As part of ESS’s governance and oversight function, this position provides consultation to business units, application owners, and technology teams to ensure alignment with regulatory requirements and enterprise compliance objectives. The role assists in the completion of compliance assessments, control design and effectiveness reviews, and risk evaluations, delivering actionable insights to reduce regulatory risk and improve the maturity of the OT control environment. The IT Portfolio Lead - OT Regulatory Compliance partners closely with ESS stakeholders and cross-functional teams—including Technology Services, Transmission, and Generation—to ensure consistent implementation of compliance requirements and clear ownership of responsibilities across NERC CIP standards and related regulatory domains. The role drives accountability through the development and reporting of meaningful compliance metrics, dashboards, and insights that support leadership visibility into control performance, audit readiness, and remediation progress. This position is accountable for establishing, maintaining, and continuously improving ESS policies, procedures, tools (including governance, risk, and compliance platforms), and standardized processes that enable efficient execution of compliance activities. Leveraging industry best practices and regulatory guidance, the role ensures adherence to evolving NERC and TSA requirements and supports ESS and business areas in responding effectively to audits, inspections, and regulatory inquiries.

Requirements

Seven years of related functional experience
Bachelor's degree in technology, Science, Business or related field, or 4 years of experience equivalent to the position.
Excellent communication skills, effective with varying organizational levels and skill set, and able to translate between technical and non-technical concepts.
Excellent Relationship Management and collaboration skills, with a track record of working as one team cross-organizationally to drive innovation and business results
Experience in IT, Supply Chain or Finance.
Demonstrated experience in project management activities, including management of project financials and schedule.
At least 2 years of experience using project management tools, techniques and communication processes, or equivalent demonstrated knowledge and skills.
Expertise in policy and regulation compliance
Demonstrated ability to work in a diverse, regulated and rapidly changing business environment
Previous management of core business processes with proven ability to lean processes and cut waste and continuously improve solutions
Demonstrated proficiency in using applicable process tools.

Nice To Haves

At least 2 years of NERC CIP regulatory experience
Experience with Archer GRC platform

Responsibilities

Provide strategic oversight and planning for ESS OT regulatory compliance programs, ensuring alignment with NERC CIP, TSA, and enterprise objectives.
Lead compliance program execution across internal controls, assessments, standards implementation, and audit readiness activities.
Utilize data analytics, control performance results, and audit insights to identify compliance risks and recommend mitigation strategies.
Ensure the quality, integrity, and accuracy of compliance data, evidence, and reporting used for regulatory and leadership visibility.
Operate and continuously improve ESS compliance processes that support internal controls, evidence management, and regulatory reporting across OT environments.
Drive strong audit and compliance outcomes by standardizing processes, reducing manual effort, and enhancing effectiveness of tools (e.g., GRC platforms such as Archer).
Ensure processes are aligned to regulatory requirements and designed for sustainability, traceability, and defensibility during audits.
Lead initiatives to improve usability of compliance tools, reporting, and workflows while incorporating industry best practices and lessons learned from audits and regulatory guidance.
Develop and deliver targeted training, guidance, and communications to application owners, control owners, and business stakeholders to ensure clear understanding of compliance responsibilities, regulatory requirements, and ESS processes.
Support awareness and adoption of policies, procedures, and tools related to NERC CIP and TSA.
Contribute to the development and tracking of compliance metrics and key performance indicators (KPIs) to measure process effectiveness, audit readiness, and overall program maturity.
Serve as a primary point of contact within ESS for compliance-related processes, fostering strong partnerships with Technology Services, Transmission, Generation, and other business areas.
Act as a liaison between ESS and internal/external stakeholders, including auditors and regulators, to support audits, data requests, and compliance inquiries.
Leverage stakeholder feedback and operational insights to continuously improve the effectiveness, efficiency, and user experience of compliance processes, tools, and governance practices.