Chief, IT and Cyber Risk Validation

PG&E CorporationSan Ramon, CA
61dHybrid
Match Resume

About The Position

The Operational Risk Validation team is focused on assessing and validating risk mitigations and controls to determine the effectiveness of PG&E's programs to address the highest risks for the enterprise. The goal is to confirm the right work is being done in a way that truly reduces risk, and to strengthen how we collectively quantify actual risk reduction based on units of work completed. This team will partner closely with the existing risk, compliance, and operational groups, digging a few levels deeper beyond compliance. This will include observations in the field and dialogue with front-line employees to better understand operational risks, inform future risk reduction programs, and advocate for needed resources or support. Assessments and validations of risk-reducing work will be done for the top-tier enterprise risks, while responding to industry disruptors and emerging risk factors that may not fit neatly into existing risk frameworks. These assessments and resulting recommendations will evaluate whether operations are meeting legal, regulatory, and other commitments - and beyond this, determine whether we're truly reducing risk to an appropriate level. Chief, IT and Cyber Risk Validation is an individual contributor who is responsible for ensuring that the risks associated with Cyber Security, Physical Security and Technology Improvements are effectively managed across the enterprise. This role will validate that the controls and mitigations are monitored, and all the stakeholders are engaged in data driven decision making. This individual will provide expertise on the key areas of risk for IT and Physical Security across the enterprise to build risk management capabilities. The knowledge expected from this role are AI, Cloud, Data management, Cyber and Physical security, Asset management, Networking, IT infrastructure etc. This is a high-level position focused on strengthening and building relationships across the organization in an area of risk that is continuously growing across all Functional Areas (FA). This position is hybrid, working from your remote office and your assigned work location based on business need. The assigned work location will be within the PG&E Service Territory. Reporting This role reports to the Director, Operational Risk Validation Generation/ IT. This is an individual contributor role.

Requirements

  • Bachelor's degree or equivalent experience.
  • 12 years of job-related experience

Nice To Haves

  • Advanced degree in a relevant field such as data management, computer science, information technology, systems engineering, operational governance, or other applicable discipline
  • Experience with Operational Technology, and Regulatory compliance
  • IT and Security experience
  • Engineering, Architecture, and Risk experience
  • Experience with ISO 31000 and 55001
  • Experience with NERC CIP, TSA and FERC utility industry regulations
  • Utility industry experience, electric or gas, or other job-related, 10 years

Responsibilities

  • Partners with Cybersecurity teams such as Asset Management, Strategy, Risk Assessment, Vulnerability Management, Security Intelligence and Operations Center etc. Validates the risk and ensures effectiveness on existing controls and mitigations on an ongoing basis.
  • Partners with all asset owners and leaders across the enterprise to raise awareness, build support and partnership in the improvement of cyber asset data management across all technologies.
  • Partners as the single point of contact within the Enterprise Risk and Compliance (ERC) team to ensure that technology and systems supporting cyber asset management are implemented and configured to ensure Cybersecurity of all assets across the Enterprise.
  • Supports Cyber Security Asset Management strategy development and implementation to ensure external obligations are met across all regulators present and future.
  • Partners with Enterprise Data Management, Physical Security and IT Infrastructure teams to set priorities and drive all risk- related activities managing the risks proactively.
  • Primary thought leader for Enterprise Risk for development of the roadmap to Propel migration and mitigation strategies that support operational and strategic objectives of the ERC organization.
  • Works directly with and coaches senior leadership in key operational areas to identify, address and communicate risk management issues, primarily focused on Cyber, Physical and IT risks.
  • Recognizes and communicates internal and external developments that may impact risks based on in-depth knowledge of operational risks across all FAs to improve risk management practices across the enterprise.
  • Provides subject-matter expertise and challenges business decisions and decision-making processes to ensure all aspects of risks are appropriately considered and effective controls and mitigations are implemented.
  • Leads strategy development and implementation of risk education and training materials for use enterprise-wide and at all levels.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Director

Industry

Utilities

Number of Employees

5,001-10,000 employees

Job Search Resources

Similar Chief, IT and Cyber Risk Validation job opportunities

🔥 New JobAssociate – Technology & Cyber Risk Management RCSA Validation
Santander
Santander • Dallas, TX1d
Cyber Risk Analyst
Acadia Pharmaceuticals Inc.
Acadia Pharmaceuticals Inc. • San Diego, CA3d • $29 - $37 • Hybrid
Cyber Risk Analyst
Acadia Pharmaceuticals
Acadia Pharmaceuticals • San Diego, CA2d • Hybrid
IT Cyber Liaison
Leidos
Leidos • Piketon, OH11d
IT Cyber Liaison
Leidos
Leidos • Piketon, OH8d
Cyber and Technology Operational Risk Manager
CIBC
CIBC • Chicago, IL4d • $90,000 - $130,000 • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service