IT Governance & Control Specialist
FIRSTENERGY SERVICE COMPANY
JOB DESCRIPTION
We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers lives brighter, the environment better and our communities stronger.
FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nations largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.
About the Opportunity
This is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp. [SC00]
Compliance is a group within IT Transmission Systems & Compliance with the responsibility for the development, ongoing sustainability, and program consistency for NERC Critical Infrastructure Protection (CIP), Sarbanes Oxley – Information Technology General Controls (SOx ITGCs), FERC and other compliance activities to meet regulatory requirements and reduce risk to the company.
The position requires the candidate to be proficient in data analysis and problem-solving skills, understanding business processes as well as possess a solid background in Compliance (e.g., CIP, FERC, SOx, etc.). The successful candidate needs to be able to create and follow detailed work plans and drive work across multiple business units to meet compliance deadlines. Clear, concise, writing skills are essential for documenting compliance evidence.
The position reports to the Manager of CIP Compliance Program & Reliability Standards and is located in Akron.
Responsibilities include:
Ensure effective regulatory compliance to the North American Reliability Corporation (NERC) CIP Standards by providing guidance to support the business units risk management, Cyber, Information, Physical and Personnel Security programs.
Maintain Compliance policies, programs, procedures, and guidelines related to the NERC CIP Standards.
Support development environment testing efforts for Regulatory Access Authorization Database (RAAD) releases. Includes researching potential issues with integrated systems.
Utilize FE technology (e.g., RAAD, Contractor Information Management System (CIMS), QlikView, Sensitive Data Tracking) to analyze data as well as, assign, track and monitor compliance efforts. This includes involvement in the RAAD Change Control process.
Perform the quarterly access reconciliation, appropriateness, security awareness and FSI, SCI separations and transfer processes. Creating evidence documentation that is used to support the completion of these processes
Maintain the CIP Policies, Programs and Procedures SharePoint content, as necessary.
Investigate and accurately document root cause analysis of issues to identify potential non-compliance and ensure timely remediation.
Utilize strong technical skills and knowledge of IT Systems.
Qualifications at the IT Governance & Control Specialist includes:
Minimum 2-4 years related work experience required.
A background in IT or Compliance (e.g., CIP, SOx, FERC)
Experience performing internal controls to meet regulatory requirements
Strong data analytics and exception reporting skills for assessment of compliance.
Strong proficiency in use of analytical tools including QlikView and Excel
Excellent communication skills to effectively annotate findings in both written and oral form
Ability to write at a professional and technical level to ensure a consistent understanding of the subject matter across multiple knowledge levels.
Ability to think technically, research, analyze and document compliance findings
Ability to work independently with minimalApply here: https://www.aplitrak.com/?adid=YmJnZW5lcmljLjI3OTM5LjEwNTA4QGZpcnN0ZW5lcmd5