Avangrid IT Compliance Analyst in Portland, Oregon
IT Compliance Analyst
Company: AVANGRID RENEWABLES, LLC
Portland, OR, US
Iberdrola is a global energy leader, the number one producer of wind power, and one of the world's biggest electricity utilities in terms of market capitalisation. The group supplies energy to almost 100 million people in dozens of countries including Spain, the United Kingdom (ScottishPower), the United States (AVANGRID), Brazil (Neoenergia), Mexico, Germany, Portugal, Italy and France, with a workforce of more than 35,000 people.
Iberdrola is leading the transition towards a sustainable energy model through its investments in renewable energy, smart grids, large-scale energy storage and digital transformation, to offer its customers the most advanced products and services. Thanks to its commitment to clean energy, Iberdrola is one of the companies with the lowest emissions and an international benchmark for its contribution to sustainability and the fight against climate change.
Manages various IT Compliance programs and projects to ensure that all requirements of governing agencies and regulations, such as North American Electric Reliability Council (NERC), Federal Energy Regulatory Commission (FERC), Sarbanes-Oxley, etc., and other Local and Global IT Control requirements are communicated and adhered to by Information Technology. Maintain a strong working relationship with internal and external constituents of such regulating bodies. Provides point of contact and lead for security related incidents and activities for area. Works with subject matter experts from across the companies and IT to provide compliance guidance, expertise, and support for program development, and performance tracking and reporting.
•Develop, implement, and report on the IT NERC CIP compliance program and internal control framework and metrics.
•Support other compliance/regulatory activities within IT, e.g. SOX, Internal Audits
•Maintain control matrices for each of the Information Technology Operational Areas. This includes documenting new and/or modifications to existing key controls.
•Ensure all documentation related to Information Technology operational areas is kept up to date to reflect current business processes/procedures
•Assist in facilitation of testing by both internal and external constitutes.
•Actively participate and conduct management testing of key controls, and evaluate compliance to all regulations.
•Identify and communicate any control gaps and work with IT management to facilitate remediation.
•Coordinate and work with all external vendors (Auditors) and internal organizations related to compliance and regulatory auditing for AVANGRID IT.
•Develop, maintain, and collect audit-related documentation; and coordinate audit responses with all internal and external vendors (Auditors) related to compliance and regulatory auditing.
•Act as the local IT Security point of contact for the Avangrid security team.
•Work with users to discuss security issues and gathering incident data and review of security violations.
•Assist in monitoring security events for IT infrastructure, including the analysis of logs, to perform associated analysis, anomaly identification, escalation, remediation, and incident response.
Note: The above Key Responsibilities/Duties are not intended to be all inclusive. Employees in this position may be required to perform other related aspects of the job not listed above or listed under Purpose/Major Objectives as assigned by the supervisor.
Skills and Requirements
Qualifications: (minimum qualifications for assignment to this job)
Education: BS/BA Degree
BA/BS degree in computer science, management information systems, or related field.
Five to Seven years of related exposure and involvement in a large computerized system and client/server environment i.e. knowledge of operating systems, telecommunications, database, and various application languages. Technical skills to perform reviews of applications, operations, security system software, and new systems. Knowledge of auditing networks and personal computer environments. Individual must be proficient in the utilization of personal computers and related software applications. Knowledge of regulatory bodies and legal requirements to which Information Technology must comply.
Ability to plan, organize, and communicate (verbal and written) effectively.
•Able to build strong relationships with key customers of IT services and work with others to design effective process/system solutions.
•Project Management experience
•Ability to understand and analyze FERC/NERC, SOX, and other regulatory requirements.
•Able to work independently, and exercise excellent problem-solving, analytical, judgment, and decision-making skills.
•Ability and willingness for limited travel.
•Strong working knowledge of Microsoft Office Products
•At least 4-6 years of IT experience with responsibilities in security or compliance.
Preference may be given to candidates with the following:
•Experience creating / following NERC-CIP compliance procedures and processes
•Working knowledge of the regulatory environment for utility companies.
•Experience in IT Controls Frameworks and Compliance
Develop Self & Others
Empower to grow
Collaborate and Share
Be a role model
Focus to achieve results
Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions. This does not include those that will work for Avangrid Renewables
AVANGRID’s employment practices and policies are geared to hiring a diverse workforce and sustaining an inclusive culture. At AVANGRID we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law. Learn more about equal employment by following this link (https://www.eeoc.gov/employers/upload/poster_screen_reader_optimized.pdf)
If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our Human Resources department at 203-499-2777 or firstname.lastname@example.org