Principal Compliance & Risk Consultant-Flexible Location

Requisition ID # 170462 

Job Category: Compliance / Risk / Quality Assurance 

Job Level: Manager/Principal

Business Unit: Gen Counsel, Ethics, Risk & Compliance

Work Type: Hybrid

Job Location: Oakland

Department Overview

The Enterprise Governance and Shared Compliance (EG&SC) group within the General Counsel, and Ethics, Risk, and Compliance (GC ERC) department provides leadership, strategic direction, and critical oversight of cross-cutting governance and compliance matters, including overseeing and expanding existing enterprise programs for compliance with the Federal Energy Regulatory Commission (FERC), North American Electric Reliability Corporation (NERC), Western Electricity Coordinating Counsil (WECC), and the Transportation Security Administration (TSA) cybersecurity and privacy requirements. One aspect of this function is to lead and support coordination, governance, and implementation of critical shared (e.g., cross-functional) compliance requirements and adherence with standardized enterprise and operational compliance risk mitigations. The group also provides enterprise-wide governance over Information and Records Management (IRG) requirements.

Position Summary

The Principal of NERC, FERC and TSA Cybersecurity compliance is responsible for supporting the organization’s compliance, governance, and program execution related to the federal and industry-mandated standards.  This role ensures enterprise-wide alignment with company policies, standards and procedures and is part of the NERC O&P Compliance Team.  The Enterprise NERC, FERC, TSA Compliance (ENFTC) team functions as the 2nd line of defense in the 3 lines model providing independent oversight of compliance programs.

The position partners with executive leadership and functional area compliance owners to maintain and develop compliance processes for monitoring and reporting program health, identifying and mitigating risk, as well as managing new and changing regulatory requirements.  This role will regularly meet with senior leadership in various functional areas to communicate issues, coordinate cross-functional actions and recommend improvements.  This position performs outreach and coordination, leads technology strategy, and acts as the interface with external regulators.

The successful candidate will have a deep understanding of federally regulated compliance programs and strategy.  They will build bridges with internal and external partners to manage compliance with the goal of maintaining the security and reliability of critical infrastructure.  The candidate will have strong interpersonal skills and a focus on continuous improvement.

This position is hybrid, working from your remote office and your assigned work headquarters in Oakland.

PG&E is providing the full salary/pay range for this position. The actual amount paid to an individual will be based on multiple factors, including, but not limited to, internal equity, specific skills, education, licenses or certifications, experience, market value, and geographic location. The range to reasonably expect will be around the minimum and the midpoint <$Min - $Mid of the range>. The final decision will be made on a case-by-case basis related to the factors above. This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.

Bay Area Min: $136,000

Bay Area Mid: $184,000

Bay Area Max: $232,000

Job Responsibilities

The Principal, Enterprise NERC, FERC and TSA will report to the O&P Manager and will hold the following responsibilities:

• Provide expertise to leadership and cross-functional teams regarding development, implementation, and monitoring of controls and mitigation plans.
• Develop compelling data-driven business cases for or against specific courses of action and potential risk mitigation alternatives as appropriate.
• Lead company response to regulatory data requests, investigations, audits, and other inquiries.
• Regularly updates leadership on changes to requirements/standards, metrics, program effectiveness, and opportunities for improvement.
• Lead issue investigations, cause evaluation exercises and develop corrective actions to remediate and mitigate compliance issues.
• Participate in risk management forums at the enterprise level.
• Complete assigned projects, tasks or support activities outlined in the team’s annual work plan based on program priorities and compliance risk.
• Develop and analyze business processes to identify, design or improve internal controls
• Perform internal controls assessments including design and operational effectiveness testing.
• May act as team lead but does not have any direct reports.
• Develop partnerships with functional area teams to ensure consistency of compliance approach and promote an effective enterprise compliance culture.
• Expert level knowledge of assigned area of business including NERC processes and procedures
• Strong problem solving, project management, and change management skills
• Strong written and verbal communication skills and ability to communicate complex data effectively to a variety of audiences including executives

• Ability to influence others to achieve understanding, acceptance, and commitment to act

Qualifications

Minimum

---------------------------

• BA/BS or equivalent work experience in business or other relevant discipline
• Experience in Electric Utility, 10+ years in operations, engineering and/or compliance; including 2 years focused on NERC, FERC or Cybersecurity (or closely related experience)

Desired

---------------------------

• MBA or MS in risk, compliance, sciences, engineering or related discipline, or equivalent experience
• Strong program management, project management, internal consulting, change management, and process improvement skills
• Excellent verbal and written communication skills to clearly convey information and ideas to stakeholders at all levels in the organization
• Ability to work independently with guidance on only the most complex issues
• Ability to work closely with functional area representatives as a true partner
• Consistent demonstration of a high level of innovative and new thinking focused on compliance strategy, controls, and implementation
• Advanced knowledge of compliance, risk management and internal controls
• Application of demonstrated knowledge and skill to resolve complex problems
• Ability to identify and implement program and process improvement opportunities, including competency in making sense of complex information to effectively solve problems
• Ability to effectively communicate complex data and findings to diverse audiences using a variety of media and visual management
• Proficient with Microsoft products including Word, Excel, PowerPoint, SharePoint
• Highly flexible, self-directed, and able to adapt well to rapidly changing environment
• Strong client focus
• Certified Information Systems Security Professions (CISSP) or equivalent
• Certified Information Systems Manager (CISM) or equivalent
• Project Management Professional (PMP)
• NERC System Operator Certification
• Familiarity with implementing Lean Management
• Builds strong-identity teams that apply their diverse skills and perspectives to achieve common goals
• Creates a climate where people are developed and motivated to do their best to help the organization