
Compliance & Risk Analyst II (IT)

Date: Nov 26, 2018

Location: Ybor City, Florida, US, 33605

Company: TECO

Title: Compliance & Risk Analyst II (IT) 
Company: TECO Services, Inc. 
State and City: Florida - Ybor City
Shift: 8 Hr. X 5 Days

 


This position pays between $76,187.00 and $101,583.00, based on the skills, experience and education of the successful candidate.

 

 

Facilitates integration and implementation of relevant new compliance obligations and changes; monitors changes and participates from an industry perspective. Leads and/or monitors compliance programs for specific rulesets as needed. Participates in development of roadmaps and workplans. Facilitates with stakeholders, especially technical SMEs, which requires both a deep understanding of the requirements and a willingness to review/understand the current environment. Ensures audit readiness; compliance issue investigation, reporting, and correction; compliance information management; integration with business; and controls/monitoring, for multiple stakeholder sets. Advises IT projects to ensure appropriate compliance posture.

 

DUTIES AND RESPONSIBILITIES

  • Governance:  Lead or participate in the implementation and administration of relevant compliance programs. Lead and incorporate new regulatory requirements and other compliance obligations into the TECO (TSI, TEC, PGS, NMG) compliance management systems.
  • Risk Management:  Monitor external compliance obligations; research, analyze and communicate potential impact to TECO affiliates. Work directly with business units, corporate areas and management in the development of industry comments and voting recommendations for relevant compliance obligations as needed (e.g., NERC CIP standards) and participate in development of standards by attending virtual committee meetings to inform the design and implementation of new regulatory requirements.  Provide input to IT Compliance and Risk Roadmap and associated workplan to ensure the TECO affiliates are in compliance with IT regulatory, contractual, Emera existing and new standards. 
  • Policies and Procedures:  Ensure integration of IT compliance obligations into IT, corporate and business policies, standards, procedures, and processes, including flow diagrams. Rapidly research, develop and maintain deep understanding of compliance obligations as well as our current IT&T, corporate, and business environments and serve as consultant/liaison with affected IT&T, corporate areas and business units to advise on potential impact and facilitate the evaluation, design and implementation of effective methodologies, procedures and controls to comply with new and existing regulatory requirements and other compliance obligations. Collaborate with project manager(s) to identify relevant project tasks and associated pre-requisites/dependencies, timing, and associated automation to ensure departmental procedures are developed, implemented, and integrated.  
  • Training and Communications: Provides training, guidance, industry insight and business liaison for staff/contractors to ensure quality results. Coordinates with Information Security to communicate results across areas of the business. Recommend external education and future training. 
  • Controls & Monitoring:  Identify and design methods of monitoring and sampling, including use of security tools.  Able to meet project timeframes and communicate with all stakeholders to avoid problems.
  • Reporting & Performance Management:  Advise on and/or execute compliance concern investigations, performance analysis (e.g., metrics), and report on status of applicable compliance programs. 
  • Information Management:  Investigates corporate readiness and designs plans for improving the cybersecurity baselines; work with cross-functional SMEs to design and implement methods to collect and/or automate compliance-related data.   

 

 

 

QUALIFICATIONS

Education/Training

Required:      Four (4) year degree in computer science, information systems, or other related information technology field.

Preferred:     Master’s degree in business administration, computer science, information systems, or other related information technology field.

 

Licensing/Certification

Required:      Expected to obtain Information Technology Infrastructure Library (ITIL) Certification within 6 months of employment in this position.  Audit (Certified Information Systems Auditor [CISA]) or security-related (e.g., Certified Information Systems Security Professional [CISSP], Certified Information Security Manager [CISM]) certification.

Preferred:     Current ITIL Certification. 

Experience

Required:      Minimum of 7 years experience in an information technology, audit, or utility business environment is required, with at least three years in an IT security, audit or other controls-based role.

Preferred:     5+ years IT security, audit or controls experience.  3+ years NERC CIP compliance program experience.

 

Knowledge/Skills/Abilities

Required:      Maintains an expert level knowledge of IT governance frameworks and compliance standards including NERC CIP, SOX, PCI DSS, DFARS, COBIT, NIST Cyber Security Framework, DHS TSA Pipelines Security Guidelines.  Broad technical knowledge (e.g., infrastructure, security, change management, SDLC); capability to zero in on essential information. Broad utility industry business understanding. Must be able to complete highly complex duties involving a wide variety of situations requiring considerable analytical skills, judgment and interpersonal organizational relationships.  Ability to reconcile conflicting information and lead groups to consensus.  Ability to advise IT projects as they relate to compliance.  Project management capabilities.  Ability to train large groups on IT regulatory requirements. High tolerance for stress and managing competing priorities.

 

Preferred:     Negotiation skills.

 

 DIMENSIONS

Business & Job Knowledge

Judgment

Ownership & Excellence

Produce Results

Teamwork

Planning & Organization

Adaptability/Leading Change

Communication & Presentation Skills

Building Relationships

Inspiring Trust

 

 

 

TECO offers a competitive Benefits package!!

Competitive Salary * 401k Savings plan w/ company matching * Pension plan * Paid time off * Paid Holiday time * Medical, Prescription Drug, & Dental Coverage * Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!

 

STORM DUTY REQUIREMENTS....Please make sure to read below!!!  Responding to storms will be considered a condition of employment.

TECO Energy and its companies serve a role in providing critical services to our community during an emergency. Team members are required to participate in the response/recovery activities related to emergencies/disasters to maintain service to our TECO Energy customers. Team members are required to work in their normal job duties or other assigned activities. Proper compensation will be made in accordance with the company's rules and procedures.

 

TECO Energy is proud to be an Equal Opportunity Employer.

TECO Energy is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by law, except where physical or mental abilities are a bona fide occupational requirement and the individual is unable to perform the essential functions of the position with reasonable accommodations.

In order to provide equal employment and advancement opportunities for all individuals, employment decisions at TECO Energy will be based on skills, knowledge, qualifications and abilities.

 

ADA policy
It is the policy of TECO Energy to provide reasonable accommodation for all qualified disabled individuals who are employees and applicants for employment, unless it would cause undue hardship. The corporation will adhere to applicable federal and state laws, regulations and guidelines, including, but not limited to, the Americans with Disabilities Act (ADA) of 1990 and sections 503 and 504 of the Rehabilitation Act of 1970s.

 

Application accommodations
Applicants may request reasonable accommodation in the application process five business days prior to the time accommodation is needed.

 

Pre-employment physical exams may be required for positions with bona fide job-related physical requirements regardless of disability. 

 

 


Nearest Major Market: Tampa
