Requisition ID# 157420
Job Category: Government and Regulatory Relations
Job Level: Senior Manager
Business Unit: Information Technology
Work Type:
Job Location: Oakland
Department Overview
Enterprise Protection-Information Technology (EP-IT) Governance, Risk and Compliance (GR&C) is responsible for managing risk and compliance governance and oversight activities for the Information Technology and Enterprise Protection organization. The team reports directly to the SVP, CSO/CDAO with functional responsibility aligned to support the broader CIO organization. In a rapidly changing environment, this team provides guidance, consultation, and support to the IT Architecture, IT Operations, Cybersecurity and Corporate Security organizations to ensure risk and compliance are well-managed today and prepared for emerging requirements and opportunities in the future.
Position Summary
The Risk Management Senior Manager in EP-IT GR&C, will lead a team of risk and compliance consultants that play a pivotal role in developing, implementing, and overseeing an EP-IT Enterprise Risk Management Program. The Risk Management Senior Manager reports to the Director, EP-IT GR&C as part of the leadership team responsible establishing and managing a comprehensive Governance, Risk and Compliance (GR&C) Program. The risk management program spans IT Operations, Physical Security and Cybersecurity functions, and provides state regulatory risk assessment and mitigation input, testimony and deliverables. In addition, the IT Risk Management Program aligns to the Enterprise Operational Risk Management (EORM) Program and provides input and/or deliverable to board level committees. The EP-IT Risk Management Program is focused on cybersecurity risk, physical attack risk and IT asset failure risk, requiring a cross-functional approach to risk management. The Risk Management Senior Manager position is responsible for the successful delivery of the EP-IT Enterprise Risk Management Program in alignment with PG&E strategic vision & goals.
This position is hybrid, working from your remote office and your assigned work location approximately 2 - 4 times per month or more, based on business need. The assigned work location will be within the PG&E Service Territory.
PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. This job is also eligible to participate in PG&E's discretionary incentive compensation programs. Although we estimate the successful candidate hired into this role will be placed towards the middle or entry point of the range, the decision will be made on a case-by-case basis related to these factors.
A reasonable salary range is:
Bay Area Minimum: $147,000.00
Bay Area Maximum: $251,000.00
Job Responsibilities
Plan and manage an annual Tactical Implementation Plan (TIP) for risk management activities outlined under the program standard.
Act as a Subject Matter Expert for CPUC Risk Assessment & Mitigation Phase (RAMP) deliverables and responses.
Recruit, coach and develop risk and compliance consultants in the formation of a cohesive, interdependent and agile team of employees and contractors.
Participate and contribute to industry forums and working group.
Develop and execute a comprehensive risk monitoring process to identify emerging risks and ownership to ensure a prompt response and/or mitigation plan.
Stay abreast of evolving regulatory changes in California and broader utility industry, adapting processes and procedures accordingly.
Collaborate with cross-functional teams to integrate risk assessment and management processes into operational programs.
Provide guidance and training to employees on risk management matters, fostering a culture of awareness and accountability.
Responsible for communicating program KRIs and bowties to directors, officers and governance committees in a clear and concise manner.
Develops effective key performance and key risk indicators (KPI/KRI) to track, report, and improve overall performance and maturity of the risk management program.
Responsible for the development of departmental goals in support of business objectives and implementing appropriate work plans in support of those goals, including employee development.
Qualifications
Minimum:
Desired: