IT Compliance Analyst

About The Position

Requirements

• 8 years of professional work experience in Technology or related field
• 4 years of experience conducting Technology audits or assessments
• Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (e.g., SOX, SOC1, SOC2, PCI DSS, ISO 27001/2, Cloud Security Alliance, NIST 800-53, MLPS 2.0, GDPR)
• Bachelor’s Degree with 8+ years of professional work experience in Technology or related field, or equivalent education and experience.
• Four (4) + years of experience conducting Technology audits or assessments.
• Any of the following certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Payment Card Industry (PCI) Qualified Security Assessor (QSA), or Internal Security Assessor (ISA).

Nice To Haves

• Experience securing cloud architecture and/or distributed networks.
• Previous work experience in a Utility industry or professional services firm.

Responsibilities

• Implement IT compliance strategies and evaluate efforts to ensure the effectiveness and NWN’s IT control environment. Identifies and solves complex problems that may involve multiple areas. Apply analysis, based on in-depth research and critical thinking to recommend solutions.
• Manage several NWN compliance programs.
• Monitor the effectiveness of NWN controls that are directly related to compliance requirements.
• Monitor industry and regulatory trends to implement standard processes/methodologies.
• Conduct scoping reviews for new or updated compliance standards to determine the impact on NWN’s control environment.
• Contribute to the development of the annual execution plan to implement cyber security related short- and long-term goals.
• Be a liaison between business, IT, and audit organizations to set priorities for internal and external IT audits and attestations.
• Lead and coordinate resolution of high-profile IT compliance issues with internal partners.
• Coordinate with internal team members and external contacts to identify requirements, communicate projects in flight, collect data and artifacts, and track progress.
• Develop, maintain, and deliver guidance and training to control owners as focus areas evolve or new audit and compliance requirements emerge.
• Deliver status updates to several levels of management throughout the organization on various IT compliance programs.
• Act as a lead and mentor to others on the IT Compliance team, providing leadership and guidance, acting as a back up to the department manager when needed. May assist with the review and evaluation of personnel.

Benefits

• Rich health insurance benefits with competitive employer contribution
• Free access to an online wellness resources platform
• Up to 23 Vacation Days
• 80 Hours of Sick Time
• 10 paid holidays and 3 floating holidays
• Flexible work arrangements
• 3 weeks paid parental leave
• Green Team / Diversity, Equity & Inclusion Council / Safety Team / Women’s Network and many other Employee Resource Groups
• 1500 sq foot exercise facility and secure bike room
• Meaningful annual incentive bonus opportunity in addition to base salary
• Competitive 401K company contribution and match
• 15% discount on NW Natural stock through Employee Stock Purchase Program
• Up to $5250 a year in tuition reimbursement
• Wellness incentive program
• 20% off natural gas service
• Up to 30% discount at NW Natural Appliance Center
• TriMet Pass for all HQ employees
• Generous discounts with Verizon & AT&T Wireless