We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.About the OpportunityThis is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp. [SC00]Compliance is a group within IT Transmission Systems & Compliance with the responsibility for the development, ongoing sustainability, and program consistency for NERC Critical Infrastructure Protection (CIP), Sarbanes Oxley - Information Technology General Controls (SOx ITGCs), FERC and other compliance activities to meet regulatory requirements and reduce risk to the company.The position requires the candidate to be proficient in data analysis and problem-solving skills, understanding business processes as well as possess a solid background in Compliance (e.g., CIP, FERC, SOx, etc.). The successful candidate needs to be able to create and follow detailed work plans and drive work across multiple business units to meet compliance deadlines. Clear, concise, writing skills are essential for documenting compliance evidence.The position reports to the Manager of CIP Compliance Program & Reliability Standards and is located in Akron.Responsibilities include:
Ensure effective regulatory compliance to the North American Reliability Corporation (NERC) CIP Standards by providing guidance to support the business unit's risk management, Cyber, Information, Physical and Personnel Security programs.
Maintain Compliance policies, programs, procedures, and guidelines related to the NERC CIP Standards.
Support development environment testing efforts for Regulatory Access Authorization Database (RAAD) releases. Includes researching potential issues with integrated systems.
Utilize FE technology (e.g., RAAD, Contractor Information Management System (CIMS), QlikView, Sensitive Data Tracking) to analyze data as well as, assign, track and monitor compliance efforts. This includes involvement in the RAAD Change Control process.
Perform the quarterly access reconciliation, appropriateness, security awareness and FSI, SCI separations and transfer processes. Creating evidence documentation that is used to support the completion of these processes
Maintain the CIP Policies, Programs and Procedures SharePoint content, as necessary.
Investigate and accurately document root cause analysis of issues to identify potential non-compliance and ensure timely remediation.
Utilize strong technical skills and knowledge of IT Systems.
Qualifications at the IT Governance & Control Specialist includes:
Minimum 2-4 years related work experience required.
A background in IT or Compliance (e.g., CIP, SOx, FERC)
Experience performing internal controls to meet regulatory requirements
Strong data analytics and exception reporting skills for assessment of compliance.
Strong proficiency in use of analytical tools including QlikView and Excel
Excellent communication skills to effectively annotate findings in both written and oral form
Ability to write at a professional and technical level to ensure a consistent understanding of the subject matter across multiple knowledge levels.
Ability to think technically, research, analyze and document compliance findings
Ability to work independently with minimal supervision.
Experience with IT general controls which include but are not limited to change management, release management, and Cyber Security policies and procedures
Experience developing, implementing and auditing controls to meet NERC CIP Requirements
Experience preparing evidence for audits
Work with business units to coordinate and resolve compliance issues. Includes identifying extent of condition, recommending process improvements, controls and remediation plans.
Prepare for, coordinate, and support compliance audits conducted by internal resources, consultants or regulatory organizations.
Coordinate FE compliance self-certification Basis of Compliance (BOC) activities.
Lead projects crossing multiple business units enabling common processes and implementation of controls to demonstrate cohesive compliance programs.
Perform evidence peer review and mentoring team members.
Benefits, Compensation & Workforce DiversityAt FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at www.firstenergycorp.com to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.SafetySafety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.