Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.
Job Title: Sr. GRC Analyst II
Job Family: Information Technology
Discipline: Information Security / Governance Risk & Compliance
Department: Information Security
FLSA Status: Exempt
The Information Security Governance, Risk, and Compliance ("GRC") team is responsible for ensuring that Duquesne Light's information security objectives are met. This group focuses on compliance with the company's IT and Information Security policies and procedures.
- Manage the development and delivery of employee/management information security training and awareness.
- Provide guidance to other operational staff, including training to new project managers and other employees in completion of compliance practices and procedures.
- Development and management of the 3rd party vendor risk assessment program.
- Develop, enhance and maintain information systems, platforms and IT operating compliance procedures and processes.
- Defines and delivers appropriate IT GRC metrics, analytics, reports and scorecards.
- Promote and monitor our corporate wide IS Security awareness program.
- Design technology controls or procedures to improve identified gap coverage.
Does not supervise others.
Bachelor’s degree in a computer science program. Industry certification: CISSP, CISA, CISM, CRISC, SANS GIAC. A Minimum of 10 years information security experience. Equivalent experience/certifications/degrees will be taken into consideration in lieu of specific requirements.
Master’s degree. Multiple industry leading certifications (preference for CISA, CISSP)
Primary focus is on daily deliverables, outputs and reporting. Typically accountable for managing one’s own time and work flow. Responsibilities are generally tactical in nature and work is typically of moderate complexity requiring the incumbent to draw on previous knowledge to perform role. Continues to build knowledge base and develop capabilities by partnering with more experienced staff as needed
Problems and issues faced are vague but may be recognizable based on past experience. Accountable for some direct level of reasoning and decision making.
Duquesne Light Company is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light's commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.