March 28, 2024
Global Renewable News

Senior Ethics & Compliance Analyst

Organization:
Duke Energy
Region:
North Carolina
Application deadline:
November 30, 2017
  This job posting has expired
Type:
Full time
Category:
Information systems
Description

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work and competitive pay and benefits

The Senior Ethics & Compliance Analyst is primarily responsible for providing independent oversight, guidance and direction as necessary to maintain ongoing compliance by the business units with the NERC CIP requirements that apply to Duke Energy and for the implementation and maintenance of Duke Energy's NERC Compliance Program.

Responsibilities include but are not limited to the following:

  • Demonstrate good technical cybersecurity and programmatic knowledge of all NERC CIP standards that are applicable to Duke Energy.
  • Serve as the primary compliance contact, and develop and maintain strong professional relationships with federal regulatory agencies including NERC and the regional entities. Serve as the compliance liaison between the regulatory agencies and the affected Duke Energy business units.
  • Provide direction and independent compliance oversight of business processes, programs, and projects established to ensure compliance to Federal and State regulations pertaining to the NERC Reliability Standards.
  • Provide support and compliance guidance to business units for interpreting standards and other NERC-related guidance documents, and monitoring compliance with the standards.
  • Represent Duke Energy to NERC, Regional Entities, and industry peers, and advocate for Duke Energy's compliance position and compliance program, processes, and work practices.
  • Lead, manage, and coordinate compliance monitoring, oversight, and enforcement activities such as regional, NERC, FERC and internal audits (including mock audits), internal controls assessments, spot checks and investigations, self-certifications, data submittals, evidence collection, and risk assessments. Ensure complete and timely response to data requests and other requests for information.
  • Manage and facilitate violation determination and issue management meetings and discussions. Apply technical CIP expertise in problem-solving and coming up with recommendations and alternative solutions that support compliance.
  • Manage and meet compliance reporting schedules in accordance with established timeframes and due date requirements.
  • Guide and support business units in the development of self-reports, cause analyses, corrective plans, and mitigation plans.
  • Utilize the regional entity compliance portals for submittal of self-reports, mitigation plans, self-certifications, monthly and quarterly reporting, etc.
  • Administer, maintain, and utilize the compliance tracking tool for evidence management, evidence schedules, and compliance issue processing, tracking, and trending.
  • Develop, update, publish, and maintain compliance program processes, procedures, and documents. Manage process review cycles, and coordinate reviews and feedback cycles with business unit stakeholders.
  • Provide compliance status including metrics/goal tracking and communication of significant industry reliability trends or events to management, up to and including the Duke Energy Electric Reliability Executive Steering Committee.
  • Communicate relevant and pertinent NERC compliance information in a clear and concise manner, and conduct NERC Awareness training and other compliance process training for the business units as necessary.
  • Direct and participate in the development and implementation of technologies to automate and streamline compliance monitoring and reporting processes.
  • Develop and maintain working knowledge of the impact of NERC CIP compliance requirements on business operations and support functions.

#LI-POST

Qualifications

Basic/Required Qualifications

  • Bachelor degree in computer science, information systems, or related field OR At least six years utility, cyber security, auditing, compliance, regulatory or related experience in lieu of a degree.
  • Four or more years' experience in utilities, cyber security, auditing, compliance, regulatory or related

Desired Qualifications

  • Master's degree in Computer Science, Information Systems, or related field
  • At least two years' experience working with NERC standards and requirements
  • Practical leadership, presentation, training, and discussion/meeting facilitation skills
  • Strong problem-solving, active listening, conflict-resolution, and collaboration skills
  • Experience with NERC audits, self-certifications, and managing data requests
  • Project management experience
  • Excellent verbal and written communication skills
  • Working knowledge and technical understanding of cyber security controls and related industry regulatory issues
  • Has the ability to manage confidential information with a high degree of integrity
  • Works collaboratively with management and teams, takes direction and feedback well, welcomes active coaching and guidance  
  • Ability to understand complex, technical concepts, and apply them to the control environment

Click here to view the full job posting.

Contact

Duke Energy

526 S Church St

Charlotte

North Carolina United States

www.duke-energy.com