IT Risk and Compliance Analyst 2 or 3 Non-Union Position Change Management and IT Compliance; Portland, OR Regular; Full-Time Posting # 50237348 August 11, 2017
NW Natural offers an IT Risk & Compliance Analyst 2 or 3 opportunity to interested applicants. The following is a summary of the position specifics.
Purpose of Position:
Leverage your knowledge of industry best practice, people and problem solving skills to link business objectives to IT governance strategies. Provide analysis of complex IT problems to improve IT and business efficiencies and control in areas such as change management, security, IT compliance, incident response, disaster recovery, service desk, risk management, governance and system development lifecycle. Develop and communicate process flows and requirement expectations that support the IT Department. Responsible for change coordination, compliance reporting and analysis, and participation in system implementations. Meet with business and technology leaders across the company to understand their requirements and translate those requirements into meaningful policy and standards. Analyze and assess risk in order to communicate the best course of action to senior management.
Position Essential Functions:
Manage and develop activities to ensure adherence with internal and external IT requirements, including but not limited to, operational efficiencies, information assurance standards and regulations.
Drive the development of technical frameworks and governance practices.
Understand the business need to design effective processes to drive real business benefit.
Performs audits and assessments against established IT policy expectations, and coordinates control testing activities for various IT systems.
Perform detailed problem analyses and scenarios; makes and/or implements recommendations to mitigate risk and business impact.
Perform cost-benefit and return on investment analyses for proposed changes.
Presents findings to aid management in decision making.
Develop processes that support the monitoring of control successes in areas targeted for improvement.
Provide input on requirements for deploying new or improved technologies, standards, practices, policies, and procedures, and apply them to the appropriate business activities.
Develop technical and visual documentation to support the communication needs of IT.
Ensure that methodologies/processes are standardized, sustainable and utilized.
Documents policies, procedures, standard practices and business processes.
Develop and maintains templates for technical documentation including business requirements, technical design, architecture diagrams, etc.
Implement systems, procedures, and policies in support of audits and assessments by organizations outside of IT.
Identify and executing improvements to current change management policies and processes.
Facilitate the weekly IT Change Management Review Board and IT Change Advisory Board (CAB) meetings.
Maintain knowledge of security components, processes and best practices for change management, configuration management, risk management, vulnerability management, compliance, records retention, business continuity, security impact analysis, privacy, and disaster recovery.
Manage external compliance initiatives that include the Sarbanes-Oxley Act controls and other compliance programs. Includes the coordination of auditors interfacing with IT staff, guidance for appropriate remediation actions for findings, communication and escalation of remediation.
Provide action plans to achieve visible improvements to internal controls, risk management, and processes.
Supports Company’s commitment to a culture of safe work practices.
Coach, mentor and train others as a subject matter expert.
Perform other duties as assigned.
Bachelor's degree in Information Systems or related degree or an equivalent combination of education and technical experience resulting in the proven ability to perform the essential functions of the job.
Minimum 5years’ experience with information assurance, audit, risk management, and IT governance for Level 2 position. Minimum 7 years’ experience for Level 3 position.
Experience with process flow analysis and best practice methodology development.
Experience overseeing the design, development, and implementation of IT governance programs and process review.
Internal or external consulting skills in assessing, analyzing, and synthesizing controls and solutions across a broad range of departmental environments.
Knowledge of IT frameworks such as ITIL, COBIT, NIST, and/or ISO 27000.
Proven experience identifying solutions for complex problems in enterprise environments.
Must have a strong desire to operate as a leader and comfortable working in an ambiguous and fast paced environment.
Strong project management skills.
Excellent oral and written communication skills including the ability to work effectively with employees at all levels and across departments and effectively creating documents or technical plans.
Skilled at defining issues, analyzing and evaluating information, presenting recommendations and identifying alternative solutions.
Highly self-motivated with strong communication skills and time management skills.
Application Process: To be considered for this position, submit a complete electronic application including a cover letter and a resume.
Applications will be reviewed once application deadline has passed.
Deadline: August 25, 2017
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
On Jan. 7, 2009, NW Natural celebrated its 150th birthday. The company that became NW Natural was a business before Oregon became a state.When the Portland Gas Light Co., the original gas company, first started delivering gas, it had 49 customers – all using gas for lighting. Today, NW Natural serves more than 670,000 customers for space and water heating and a variety of industrial processes. O...ver the years, the gas company has changed products and names to match the times. But three things have never changed: the company’s dedication to its customers; it’s commitment to the communities it serves; and its support for its employees. At NW Natural, we like to say, “We grew up here.” That’s because we have evolved and grown with the communities where we work, and because we’re dedicated to keeping them strong.