BRIEF POSITION DESCRIPTION
We seek an experienced, action-oriented IT Governance, Risk & Compliance Analyst. This role is critical to IT / Security risk management, and compliance with regulatory requirements including, specifically, North American Electric Reliability Corporation
Our mission is to reduce risks to the reliability and security of the electric grid. Our priorities are to succeed as One Team and deliver the commercially relevant outcomes essential to our customers and to the communities we serve. We value integrity, teamwork, and diverse perspectives. By joining our team, you can advance your career, influence compliance performance, and directly contribute to our shared success.
Support development, implementation and maintenance of strong governance, risk & compliance processes.
Continuously improve the security framework, methodology, standards, and system of internal controls.
Govern and report on findings, track status, and ensure corrective actions are complete and sustainable.
Support operational reporting, management communications, and executive governance committees.
Support and/or lead continuous improvement initiatives to deliver on operational and strategic goals.
Sustain purpose-driven engagement and effective interaction with Auditors, Regulators, and compliance partners.
Risk and Compliance
Support risk identification & assessment, response & mitigation, control monitoring & reporting.
Gather and evaluate information, including in support of Auditors, Regulators, and compliance partners.
Develop and perform tests to evaluate the design and effectiveness of key controls, as necessary for compliance.
Review test findings, identify control weaknesses, present results, and recommend actions to remediate issues.
Support issue management, risk acceptances, and the IT Security
Deliver high quality reporting (data, reports, presentations), communicating effectively in both technical and business terms.
Support workforce security activities including culture, awareness and training.
GRC Systems Administration
Support operation and administration of GRC systems for Information Security & IT (RSA Archer and Entergy systems).
Support, develop, and configure GRC system services and improvements (RSA Archer).
Specialize in Archer data feeds, questionnaires, workflows, access controls, reports, and dashboards.
Serve as a resource to Information Security and IT team members on GRC matters.
IT Business Analyst:
IT Business Analyst, Sr:
IT & Security governance, risk, and compliance frameworks and practices (e.g. COBIT, NIST-CSF, ISO).
IT & Security risk & security controls (e.g. cyber security, network, infrastructure, applications, and projects).
Internal control implementation, including the evaluation of the design and operating effectiveness of controls.
Advanced knowledge of testing techniques and data analysis principles, as well as the ability to interpret results.
IT & Security audit, risk and compliance.
Proficiency with GRC systems (i.e. RSA Archer).
Advanced-level communication, presentation, and relationship management skills.
SKILLS AND BEHAVIORS
Drive multiple complex projects, achieve key milestones, with ability to reprioritize work in a fast-paced environment.
Sustain effective engagement with IT, Security, and Compliance business partners, and with Auditors and Regulators.
Must take ownership, demonstrate a sense of urgency, and ensure accuracy and quality.
Must manage ambiguity, perform in a fast-paced environment, and resolve urgent and competing demands.
Must support planned & unplanned workload demands, with the measured courage to say "no," to focus on key priorities.
Perform other duties and responsibilities, as assigned.
Must be willing and able to work flexible hours and go above and beyond to deliver outcomes.
Bachelor's degree or four years of relevant experience required.
Advanced degree preferred.
ANY CERTIFICATES, LICENSES ETC., REQUIRED FOR THE POSITION
Must demonstrate commitment to professional development.
One or more relevant qualifications, e.g., CRISC, CISSP, CISM, CISA.
Preferred: Archer Certification.
Primary Location: Texas-The Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: Level II
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1
Req ID: 96487
Travel Percentage: Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets.
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.