Title: Sr. Compliance Consultant
Location: San Francisco, CA 941057
Duration: 12 Months (Can be extended)
Qualifications: Minimum Qualifications 5 years experience at the senior consultant level Bachelor's degree in a related field or equivalent experience required Strong regulatory familiarity and expertise Excellent compliance and risk experience in corporate environment Strong knowledge and experience in compliance functions and documentation Strong research, analytical and information gathering skills Strong attention to detail and organizational skills, ensuring quality in deliverables Excellent skills in understanding complex business processes, working with the business compliance experts, and providing clear, concise guidance Proven ability to partner and work collaboratively as a team player; relationship building Ability to managing performance and be resourceful and adaptable to change. Demonstrated ability in advocacy and influence, conflict resolution, and process improvement Excellent communication and presentation skills Process Improvement utility industry knowledge Strong Excel, Word, PowerPoint skills; technological saavy
• NERC CIP v5 subject matter knowledge
• Knowledge of database and information systems - for example SCADA, EMS, OMT, OIS, SAP, ERP, COSO, Teradata, COBIT, QuestionMark - as needed to perform at the job level
• Ability to apply project management theories, concepts, methods, best practices, and techniques as needed to perform at the job level
• Knowledge of Physical Security and IT Cyber Security products and technologies
• Knowledge of risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems
• Understanding of computer networking technologies and protocols, and/or network security methodologies
• Demonstrated systematic problem analysis, solving, and decision-making skills
• Ability to influence and work with and across all levels within the business
• Excellent written and verbal communication skills required
• Ability to perform complex tasks using established policies, procedures and guidelines as reference
• Policy and Procedure writing experience
• Process development and process flow mapping experience
Responsibilities: Obtain, review, and interpret organizational CIP policies, standards and procedures to identify control points that would assist in mitigating risk to the business.
• Review test results or interpret evidence for vulnerabilities, gaps, or control deficiencies and work with Compliance Specialists to close gaps
• Identify risks associated with control failures and supports the identification of mitigating controls
• Partner with System Owners to ensure control documentation is updated periodically to reflect current control environment
• Leads and provides guidance on walkthroughs of processes and identification of gaps in controls.
• Review compliance action plan and follow-up on open items.
• Report on the “Health” for each NERC CIP Standard
• Identify NERC CIP program gaps and initiate/coordinate mitigations
• Coordinates upcoming NERC CIP activities to ensure timely completion of compliance requirements though Appian and tracking sheets.
• Owns and documents the implementation of the controls and creates auditable evidence of security measures.
• Ensure artifacts and evidence is of best-quality to meet compliance requirements.