
Systems Manager-Governance, Risk, & Compliance (GRC)

Consolidated Edison Company of New York
$140,000.00 - $190,000.00 / yr
United States, New York, New York
4 Irving Place
Feb 13, 2026

Overview

The System Manager, Information Security (InfoSec) Governance, Risk & Compliance (GRC), is a leadership role responsible for overseeing the frameworks, policies, standards, and processes used to identify, assess, manage, and report InfoSec risk across the enterprise, while ensuring alignment with regulatory requirements, industry standards, and business objectives. The successful candidate must be self-motivated, able to work with minimal guidance, possess extensive organizational skills and attention to detail, and drive results.

Responsibilities

Core Responsibilities
  • Oversee the development and maintenance of information security policies and governance frameworks aligned with national energy security priorities and in compliance with regulatory requirements and industry standards.
  • Manage team of GRC professionals to achieve business objectives.
  • Be accountable for building team capabilities and operational excellence through workforce planning, training, performance management, and enforcing standards to ensure readiness during incidents.
  • Collaborate with internal stakeholders (IT, OT, Legal, Risk, Operations) and external partners (regulators, government agencies, industry groups).
  • Facilitate incident response planning, exercises, and post-incident reviews to strengthen organizational readiness.
  • Provide executive-level reporting, support incident response planning, and champion a culture of cyber accountability and resilience across the organization.
  • Maintain the Company's information security policies, standards, and control frameworks, supporting internal and external audits, and driving continuous improvement of governance and risk management maturity.
  • Provide executive-level reporting on cybersecurity posture, compliance status, and resilience metrics.
  • Serve as a key liaison between InfoSec, IT, Audit, Legal, peers in InfoSec Compliance, and business stakeholders to ensure security risks are clearly communicated and appropriately governed.
  • Aid internal and regulatory compliance efforts, including NERC CIP, TSA, Coast Guard, and other applicable federal and state mandates.
  • Facilitate and maintain cyber resilience strategies to ensure continuity of operations during and after cyber incidents.
  • Follow change management and production acceptance controls and guidelines, maintain diagrams and documentation as appropriate, and support reviews, auditing, and maintenance activities.
  • Promote a customer service-oriented team by emphasizing professionalism, honesty, concern, courtesy, excellence and teamwork in a group. Ensure that communications between staff members and business organizations are handled in a professional, efficient manner.
  • Support operating organizations during corporate emergencies. Participate in the Company's emergency management processes for cybersecurity.

Qualifications

Required Education/Experience
  • Master's Degree and 6 years of work experience in IT or Utility environments with at least four (4) years in GRC or similar
  • Bachelor's Degree and 8 years of work experience in IT or Utility environments with at least four (4) years in GRC or similar
Preferred Education/Experience
  • Master's Degree in Information Technology, Computer Science, Information Security, Math, Engineering or business-related discipline, preferred.
  • Bachelor's Degree in Information Technology, Computer Science, Information Security, Math, Engineering or business-related discipline, preferred.
Relevant Work Experience
  • Must demonstrate knowledge of project management concepts and ability to support project monitoring, tracking, and facilitation to ensure project delivery/completion, required.
  • Proven experience of process and policy creation and documentation, required.
  • Must demonstrate strong analytical skills, required.
  • Must have managerial/supervisory experience, required.
  • Must demonstrate strong oral and written communication, presentation and interpersonal skills, required.
  • Must have used, and have working knowledge of MS Excel, Word and PowerPoint, required.
  • Experience and working knowledge of GRC concepts, required.
  • Experience developing and delivering well organized analytical presentations, preferred.
  • Experience with contract administration, preferred.
  • Experience with developing training and awareness programs, preferred.
  • Experience working in a project or program manager role, preferred.
  • Experience in Information Technology/Cybersecurity, preferred.
Skills and Abilities
  • Effectively coaches and delivers constructive feedback
  • Demonstrates a high commitment to quality
  • Assumes personal responsibility for actions
  • Strong verbal communication and listening skills
  • Ability to lead/manage others
  • Possesses flexibility to work in a fast-paced, dynamic environment
  • Effective interpersonal skills
  • Demonstrated analytical skills
  • Ability to simultaneously handle multiple priorities
  • Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
Licenses and Certifications
  • Driver's License Required
Physical Demands
  • Ability to push, pull, and lift up to 25 pounds
  • Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
Additional Physical Demands
  • The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.