IT Compliance Analyst job at NW Natural in Portland, OR
IT Compliance Analyst
Location: Portland, OR, US

Job Description:
Non-Union Position
Change Mgmt & IT Compliance; Portland, Oregon (US-OR)
Hybrid schedule available for Oregon & Washington residents.
Regular FT
Posting # 5338

About Us:
At NW Natural, we offer more than rewarding career opportunities and a vibrant, inclusive work culture. We invite you to join us in providing safe and reliable utility services and renewable energy to better the lives of the communities we serve. Our vision is to be the leader in service excellence, innovation and environmental stewardship for our customers, while building on our strengths as a trusted energy provider and environmental leader for our industry.

In addition to environmental stewardship, we’re also deeply committed to Diversity, Equity and Inclusion at NW Natural. Our DEI Council started 21 years ago, and today we continue to foster a culture where all employees can experience a sense of belonging, shared purpose and possibility.

The Role:
NW Natural is recruiting for IT Compliance Analyst I/II/III positions. These positions will report to the IT&S compliance manager and will work closely with IT&S Security and other technical and non-technical teams, as well as internal or external auditors.

The primary purpose of this position is to ensure the Information Technology & Services (IT&S) department is compliant with state and federal regulations by creating, monitoring, evaluating, and reporting on the effectiveness of operational controls within Information Technology (IT) and Industrial Control System (ICS) environments.

Day to Day:
Ensure company complies with all local, state and federal requirements.
Perform and coordinate the testing of key controls, document findings, and ensure controls are effectively designed and operating as intended.
Collaborate with internal and external auditors to facilitate walkthroughs, evidence collection, and remediation tracking.
Assist in the development and maintenance of IT compliance policies, procedures, and control frameworks.
Monitor and report on control deficiencies, remediation plans, and risk mitigation strategies.
Conduct security risk assessments of third-party vendors, including review of SOC reports, security questionnaires, and contractual obligations.
Evaluate vendor responses and identify potential risks or gaps in security controls.
Work with business units and procurement to ensure vendors meet security and compliance standards.
Maintain a centralized repository of vendor assessments and risk ratings.

Come on your first day with:

Qualifications:
Bachelor’s degree in related field or equivalent education/experience.
Understanding of IT systems, applications, networks and databases.
Knowledge of SOX and Operational Controls.
2+ years of experience working on an IT compliance program and/or information security program for level 2.
More advanced experience required for level 3, including managing more complex tasks, broader responsibilities, and increased autonomy in decision-making or leading initiatives.
Familiarity with SOX, NIST, ISO 27001, or similar regulatory frameworks.
Experience with third-party risk management tools and processes.
Analytical, communication, and organizational skills.
Ability to work independently and collaboratively in a fast-paced environment.
Understanding of assessing and designing internal and security controls.
Experience in developing and submitting audit and compliance reports to governing.
Understanding of cloud security and modern IT environments.

Recommended:
Experience in planning, organizing, and developing information technology policies, procedures, and practices.
Ability to propose creative solutions to successfully remediate identified compliance issues.
Certifications in one or more of the following areas preferred: CISA, CRISC, CISSP, and CISM.

What we offer:

Health & Wellness -
Rich health insurance benefits with competitive employer contribution
Free access to an online wellness resources platform

Work Life Balance -
Up to 23 Vacation Days
80 Hours of Sick Time
10 paid holidays and 3 floating holidays
Flexible work arrangements
3 weeks paid parental leave
Green Team / Diversity, Equity & Inclusion Council / Safety Team / Women’s Network and many other Employee Resource Groups
1500 sq foot exercise facility and secure bike room

Financial -
Meaningful annual incentive bonus opportunity in addition to base salary
Competitive 401K company contribution and match
15% discount on NW Natural stock through Employee Stock Purchase Program
Up to $5250 a year in tuition reimbursement
Wellness incentive program

Discounts -
20% off natural gas service
Up to 30% discount at NW Natural Appliance Center
TriMet Pass for all HQ employees
Generous discounts with bolthires & AT&T Wireless

Base salary range: $86,500.00 - $123,250.00 (Level 2) or $96,000.00 - $136,800.00 (Level 3) per year, depending on qualifications

Annual bolthires Incentive:
Level 2, 9.5% bolthires
Level 3, 9.5% bolthires
Targets are calculated using eligible earnings during plan year participation. Payout, if earned, is based on company and individual performance for each plan year and may range from 0% – 200% of bolthires. Targets are subject to change in subsequent plan years. Must be employed by September 30 in order to receive any prorated payout.

All applications must be submitted through NW Natural’s Electronic Application System. Resumes submitted via email, fax or mail will not be accepted in lieu of an electronic application.

NW Natural is proud to be an equal opportunity employer.
We welcome and embrace our candidates’ diversity and take affirmative action to employ and advance individuals without discrimination on the basis of race, color, sex, gender identity or expression, sexual orientation, religion, age, physical or mental disability, veteran status, pregnancy (including childbirth or related medical conditions), national origin, marital status, genetic information, and all other legally protected characteristics. We forbid discrimination and harassment in the workplace based on any protected status or characteristic.

A criminal history is not an automatic bar to employment with NW Natural. Instead, we make individualized assessments regarding qualifications and backgrounds. NW Natural is also committed to providing reasonable accommodations for individuals with disabilities, individuals with sincerely held religious beliefs, and disabled veterans in our job application procedures.

NW Natural does not accept unsolicited submissions or assistance from search firms for posted positions. Resumes submitted by search firms working under a valid and current written contract with NW Natural valid written Statement of Work in place for this position from NW Natural HR/Employment will be deemed the sole property of NW Natural. No fee will be paid in the event the candidate is hired by NW Natural as a result of the referral or through other means.