-
Sr Principal Technical Compliance Analyst - Jackson, MI
APPLY NOW
This position is located in our headquarters in Jackson, MI with required hybrid, in office working days of Monday, Tuesday, and Thursday in office. Leadership may reserve the right to change the required working days.
General Summary of Job Responsibilities
The Senior Principal Technical Compliance Analyst ensures transparency, due diligence, and deliberate actions regarding both cyber and physical security requirements to prevent life safety, financial, regulatory, and reputational harm to the company. This role involves managing compliance activities for various regulatory requirements, including NERC-CIP, PCI, FERC Hydro, TSA, API-1164, MARSEC, NRC, and SOX. Key responsibilities include designing and monitoring compliance controls, preparing for and participating in audits and assessments, managing small projects, problem-solving, and implementing root cause mitigations. The analyst ensures compliance with security requirements, facilitates the review of technical and non-technical requirements, and translates technical requirements for stakeholders. They establish effective working relationships with various stakeholders, including IT and OT, and engage with external regulators to ensure all requirements are met. Emphasis is placed on quality and continuous improvement in adherence to regulations and risk mitigation. The position requires strong critical thinking and analytical skills, the ability to work independently, and a commitment to quality and continuous improvement in regulatory adherence and risk mitigation.
Essential Duties and Responsibilities- Provide project manager style support for compliance based projects by utilizing professional judgement for scope, budget, and timing. Able to create and maintain visual management and status updates that can be shared broadly with all levels of employees / leadership.
- Develop, implement, and sustain compliance programs for network and software systems to comply with requirements.
- Collaborate closely with IT, legal, and other departments to ensure comprehensive compliance coverage. Work with engineering and architecture teams to evaluate new security tools and platforms, ensuring they meet regulatory requirements, best practices, and company needs.
- Acts as the Security SME for regulatory reviews and audits, including NERC CIP, FERC Hydropower, and TSA Pipeline. Leverages deep compliance knowledge to advise on designing and implementing compliant solutions.
- Participate in operational reviews and other meetings to ensure all work is known and transparent. Discuss workload, deadlines, expectations, escalations, and barriers intelligently and effectively.
- Proficient and confident in engaging with auditors and representing the company. Capable of articulating our layered security approach clearly and concisely to both internal and external auditors.
- Leverage expertise to make informed decisions and solutions for current and incoming work, demonstrating clear, thoughtful approaches and situational awareness to all leadership levels. Regularly meet with stakeholders (Operational Technology, IT, regulatory analysts, Corporate Security, Internal Controls, etc.) to address compliance questions, ensuring decisions and action items are documented and executed. Exhibit subject matter mastery in all interactions.
- Other essential duties as assigned or may be necessary.
