The Regulatory Compliance & Cyber Security Compliance Auditor will work in a team environment in coordination with other Family of Companies (FOC) functions. These functions includes GTC Operations & Maintenance (O&M), Georgia System Operations (GSOC) Cyber Security Operations, GSOC NERC Compliance, GSOC Information Technology, and GSOC Audit & Consulting to conduct internal controls testing, perform compliance monitoring, and provide consulting support to GTC as it relates to cyber security risks and NERC Critical Infrastructure Protection Standards. The primary function of this position is to provide assurance that cyber security and other reliability risks are appropriately identified and mitigated and to ensure on-going compliance with CIP and O&M reliability standards.
Education: Bachelor's Degree in Accounting, Information Technology, Cyber Security, Engineering, or related field from accredited institution. Advanced degree desirable.
Experience: Auditor with 3 – 4 years’ experience in information technology, cyber security, internal control design and effectiveness testing and compliance evidence monitoring; with one to two years’ experience in the utility industry and/or working knowledge of NERC CIP Standards is highly desirable.
Equivalent Experience: If education requirement is not met, an additional 6 years of experience as described above will be required.
Licenses, Certifications and/or Registrations: Certified Information Systems Auditor (CISA), Certified Risk & Information Systems Control (CRISC), Certified Information Security Manager (CISM) and/or Certified Information Security Professional (CISP) desired; or other auditing related designations such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA) with strong working knowledge of information systems and cyber security practices and internal controls.
Specialized Skills (e.g., typing, computers, software, tools and equipment uses, etc.):
- Microsoft Office (Word, Excel, Outlook, PowerPoint, and SharePoint) proficiency required.
- Working knowledge of internal auditing professional standards; information systems and cyber security practices, and internal control frameworks.
- Strong verbal and written communication skills; ability to establish and maintain effective working relationships; work collaboratively with all levels of the organization and external auditors; discuss business risks, audit results and develop agreed upon action plans.
- Strong commitment to on-going quality assurance and improvement; ability to manage multiple projects and meet deadlines.
Our on-line application format has changed. If you have previously applied for a position that was posted prior to September 12, 2013, your applicant profile is no longer active. Please take a few minutes to re-submit your profile information to be considered for open positions posted after September 12, 2013 by clicking the above Apply for this Position button. We appreciate your time and consideration of GTC.