Qualifications: This requisition is for 2 positions located in S.F.
- NERC ACCESS REQUIRED
- 5 years experience at the senior consultant level.
- Bachelor's degree in a related field or equivalent experience required.
- Strong regulatory familiarity and expertise.
- Excellent compliance and risk experience in corporate environment.
- Strong knowledge and experience in compliance functions and documentation.
- Strong research, analytical and information gathering skills.
- Strong attention to detail and organizational skills, ensuring quality in deliverables.
- Excellent skills in understanding complex business processes, working with the business compliance experts, and providing clear, concise guidance.
- Proven ability to partner and work collaboratively as a team player; relationship building. Ability to managing performance and be resourceful and adaptable to change.
- Demonstrated ability in advocacy and influence, conflict resolution, and process improvement.
- Excellent communication and presentation skills.
- Process Improvement utility industry knowledge.
- Strong Excel, Word, PowerPoint skills; technological saavy .
- Advanced degree desired.
- Excellent Microsoft Visio skills.
- Utility industry experience a plus.
- Experience in utility related regulations, benchmarking, operational efficiency evaluation, and risk assessment . Pacific
- Causal evaluation methods and tools
- Quality Control and Quality Assurance measures Information Security:
- Standards and Control Frameworks (ISO, NIST, DoD, NERC-CIP)
- Cybersecurity Risk Management and Internal Controls Evaluation
Business Process improvement:
- Lean Six Sigma
- Process Engineering/Improvement
Education / Certifications:
Bachelor’s degree (Information Security desired)
Information Security certification: CISSP, CISA, Sec+
Process Improvement certification: Lean Six Sigma or Business Process Management Causal evaluation certification Responsibilities: Support the Transmission Operations Critical Infrastructure Protection (TO-CIP) with program improvement.
- Candidate will support the evaluation and strengthening of internal controls.
Tasking includes but not limited to:
- Lead and participate in cross-organizational efforts that will maintain and strengthen client’s compliance posture.
- Analyze current compliance processes, benchmark as needed, and provide guidance to stakeholders.
- Assist organizations with the design and implementation of best practice guidance, procedures, controls, and metrics that facilitates the organizations understanding of internal controls posture Review guidance documentation.
- Ensure controls provide reasonable assurance.
- We have a flexibly schedule, no set working hours but basic business hours is assumed with flexible lunch as well (7-4, 8-5, 9-6).
- Ensure controls and metrics are implemented and effective.
- Audit compliance processes for adherence to documented procedures and controls.
- Identifying and documenting program issues/challenges.
- Evaluating and analyzing internal security controls and identifying opportunities for improvement.
- Consulting and coordinating with control owners in order to develop corrective and preventive action plans to remediate or mitigate issues.
- Developing security controls assessment test plans to spot check control effectiveness and posture.
- Assessing security controls. Tracking and reporting execution of corrective action plans .
- Performing cause evaluations on program issues to identify root causes.
- Participating in business process design and reengineering.
- Designing program templates for capturing cybersecurity controls implementation and evidence.
PLEASE NOTE: Position will require local travel in the San Francisco area. NERC CIP access required. An in-person interview will be required for the finalist(s).