Compliance_9767 & 9773
This requisition is for 2 positions located in San Francisco and another 2 positions Rocklin CA.
NERC ACCESS REQUIRED
- 5 years experience at the senior consultant level.
- Bachelor's degree in a related field or equivalent experience required.
- Strong regulatory familiarity and expertise.
- Excellent compliance and risk experience in corporate environment.
- Strong knowledge and experience in compliance functions and documentation.
- Strong research, analytical and information gathering skills.
- Strong attention to detail and organizational skills, ensuring quality in deliverables.
- Excellent skills in understanding complex business processes, working with the business compliance experts, and providing clear, concise guidance.
- Proven ability to partner and work collaboratively as a team player; relationship building.
- Ability to managing performance and be resourceful and adaptable to change.
- Demonstrated ability in advocacy and influence, conflict resolution, and process improvement.
- Excellent communication and presentation skills.
- Process Improvement utility industry knowledge.
- Strong Excel, Word, PowerPoint skills; technological saavy .
- Advanced degree desired.
- Excellent Microsoft Visio skills.
- Utility industry experience a plus.
- Experience in utility related regulations, benchmarking, operational efficiency evaluation, and risk assessment .
- Causal evaluation methods and tools
- Quality Control and Quality Assurance measures
- Standards and Control Frameworks (ISO, NIST, DoD, NERC-CIP)
- Cyber security Risk Management and Internal Controls
Evaluation Business Process improvement:
- Lean Six Sigma
- Process Engineering/Improvement
Education / Certifications:
- Bachelor’s degree (Information Security desired)
- Information Security certification: CISSP, CISA, Sec+
- Process Improvement certification: Lean Six Sigma or Business Process Management Causal evaluation certification
Responsibilities: Support the Transmission Operations Critical Infrastructure Protection (TO-CIP) with program improvement. Candidate will support the evaluation and strengthening of internal controls.
Tasking includes but not limited to:
- Lead and participate in cross-organizational efforts that will maintain and strengthen Client Organization's compliance posture
- Analyze current compliance processes, benchmark as needed, and provide guidance to stakeholders.
- Assist organizations with the design and implementation of best practice guidance, procedures, controls, and metrics that facilitates the organizations understanding of internal controls posture Review guidance documentation.
- Ensure controls provide reasonable assurance.
- The client has a flexibly schedule, no set working hours but basic business hours is assumed with flexible lunch as well (7-4, 8-5, 9-6).
- Ensure controls and metrics are implemented and effective.
- Audit compliance processes for adherence to documented procedures and controls .
- Identifying and documenting program issues/challenges.
- Evaluating and analyzing internal security controls and identifying opportunities for improvement.
- Consulting and coordinating with control owners in order to develop corrective and preventive action plans to remediate or mitigate issues.
- Developing security controls assessment test plans to spot check control effectiveness and posture.
- Assessing security controls.
- Tracking and reporting execution of corrective action plans.
- Performing cause evaluations on program issues to identify root causes.
- Participating in business process design and reengineering.
- Designing program templates for capturing cybersecurity controls implementation and evidence.
Comments/Special Instructions: Position will require local travel in the San Francisco area. NERC CIP access required. An in-person interview will be required for the finalist(s).