Wadsworth, TX, 77483, USA
Specialist ISS Governance Risk & Compliance (All Levels)
STP Nuclear Operating Company, 12090 FM 521, Wadsworth, Texas, United States of America
Req #1152
Thursday, January 9, 2025

The South Texas Project Electric Generating Station is one of the newest and largest nuclear power facilities in the nation. STP's two units produce 2,700 megawatts of carbon-free electricity - providing clean energy to two million Texas homes. Through our uncompromising commitment to nuclear safety and continuous focus on improving plant operations, STP has emerged as an industry leader. Our 1,200 employees maintain an ongoing commitment to the safe and reliable operation of the facility. The company's culture and core values focus on safety, integrity, teamwork and excellence.

SUMMARY
The Security Governance, Risk, and Compliance (GRC) Analysts develop and maintain information security policies and workforce training and awareness. The GRC Analyst serves as a critical resource for staff and leaders regarding information on security policy implementation, interpretation, and complication. The GRC Analyst assesses and prioritizes information security and cybersecurity risk across the organization, facilitates compliance with regulatory requirements and information security policies, and develops and reports on information security metrics.

**Spec ISS Governance Risk & Compliance Assoc**

EDUCATION
• Bachelor’s degree in computer science or business administration (Preferred)
• Without a degree, 5 years’ experience in one or a combination of programming, network administration, SQA or system architecture will be considered.

EXPERIENCE
• No experience is required.
LICENSE/CERTIFICATIONS
• Certified Risk & Compliance CRISC (Preferred)
• Certified Information Systems Auditor CISA (Preferred)
• Certified Procedure Professional Writer (Preferred)

ESSENTIAL RESPONSIBILITIES
Internal Auditor:
• Assisting internal audit assessments for specific business functions including scope, schedule, participants, and justifications.
• Working with management to ensure a system is in place which ensures that all major business risks are identified and analyzed, on an annual basis.
• Assisting in the coordination of coverage with the external auditors and ensuring that each party is not only aware of the other's work but also well briefed on areas of concern.
• Making recommendations to Management on the systems and procedures being reviewed, reporting on the findings and recommendations, and monitoring STP’s leadership responses and implementation.

Governance, Risk and Compliance (GRC):
• Assist in the development of strategies, goals and objectives related to governance.
• Supporting efforts associated with governance policies and procedures.
• Develop internal assessments for IT systems and processes.
• Assist in providing guidance to building structures and processes related to governance.
• Identifying risks associated with risk management.
• Supporting analysis and monitoring of risk assessments.
• Supporting the analysis of laws and regulations associated with compliance.
• Supporting the development of controls and compliance activities.

The South Texas Project Electric Generating Station is one of the newest and largest nuclear power facilities in the nation. STP’s two units produce 2,700 megawatts of carbon-free electricity – providing clean energy to two million Texas homes. Through our uncompromising commitment to nuclear safety and continuous focus on improving plant operations, STP has emerged as an industry leader. Our employees maintain an ongoing commitment to the safe and reliable operations of the facility. The company’s culture and core values focus on collaboration, accountability, resilience, and excellence.

**Spec ISS Governance Risk & Compliance**

EDUCATION
• Bachelor’s degree in computer science or business administration (Preferred).
• Without a degree, 5 years’ experience in one or a combination of programming, network administration, SQA or system architecture will be considered.

EXPERIENCE
• 2 years of related experience (Required)

LICENSE/CERTIFICATIONS
• Certified Risk & Compliance CRISC (Preferred)
• Certified Information Systems Auditor CISA (Preferred)
• Certified Procedure Professional Writer (Preferred)

ESSENTIAL RESPONSIBILITIES
Internal Auditor:
• Assisting internal audit assessments for specific business functions including scope, schedule, participants, and justifications.
• Working with management to ensure a system is in place which ensures that all major business risks are identified and analyzed, on an annual basis.
• Assisting in the coordination of coverage with the external auditors and ensuring that each party is not only aware of the other's work but also well briefed on areas of concern.
• Making recommendations to Management on the systems and procedures being reviewed, reporting on the findings and recommendations, and monitoring STP’s leadership responses and implementation.

Governance, Risk and Compliance (GRC):
• Assist in the development of strategies, goals and objectives related to governance.
• Supporting efforts associated with governance policies and procedures.
• Develop internal assessments for IT systems and processes.
• Assist in providing guidance to building structures and processes related to governance.
• Identifying risks associated with risk management.
• Supporting analysis and monitoring of risk assessments.
• Supporting the analysis of laws and regulations associated with compliance.
• Supporting the development of controls and compliance activities.
**Spec ISS Governance Risk & Compliance Sr**

EDUCATION
• Bachelor’s degree in computer science or business administration (Preferred)
• Without a degree, 5 years’ experience in one or a combination of programming, network administration, SQA or system architecture will be considered.

EXPERIENCE
• 5 years of related experience (Required)

LICENSE/CERTIFICATIONS
• Certified Risk & Compliance CRISC (Preferred)
• Certified Information Systems Auditor CISA (Preferred)
• Certified Procedure Professional Writer (Preferred)

ESSENTIAL RESPONSIBILITIES
Internal Auditor:
• Assisting internal audit assessments for specific business functions including scope, schedule, participants, and justifications.
• Working with management to ensure a system is in place which ensures that all major business risks are identified and analyzed, on an annual basis.
• Assisting in the coordination of coverage with the external auditors and ensuring that each party is not only aware of the other's work but also well briefed on areas of concern.
• Making recommendations to Management on the systems and procedures being reviewed, reporting on the findings and recommendations, and monitoring STP’s leadership responses and implementation.

Governance, Risk and Compliance (GRC):
• Assist in the development of strategies, goals and objectives related to governance.
• Supporting efforts associated with governance policies and procedures.
• Develop internal assessments for IT systems and processes.
• Assist in providing guidance to building structures and processes related to governance.
• Identifying risks associated with risk management.
• Supporting analysis and monitoring of risk assessments.
• Supporting the analysis of laws and regulations associated with compliance.
• Supporting the development of controls and compliance activities.
**Spec ISS Governance Risk & Compliance Staff**

EDUCATION
• Bachelor’s degree in computer science or business administration (Preferred)
• Without a degree, 8 years’ experience in one or a combination of programming, network administration, SQA or system architecture will be considered.

EXPERIENCE
• 8 years of related experience (Required)

LICENSE/CERTIFICATIONS
• Certified Risk & Compliance CRISC (Preferred)
• Certified Information Systems Auditor CISA (Preferred)
• Certified Procedure Professional Writer (Preferred)

ESSENTIAL RESPONSIBILITIES
Performs the following with a high level of expertise and ownership:

Internal Auditor:
• Assisting internal audit assessments for specific business functions including scope, schedule, participants, and justifications.
• Working with management to ensure a system is in place which ensures that all major business risks are identified and analyzed, on an annual basis.
• Assisting in the coordination of coverage with the external auditors and ensuring that each party is not only aware of the other's work but also well briefed on areas of concern.
• Making recommendations to Management on the systems and procedures being reviewed, reporting on the findings and recommendations, and monitoring STP’s leadership responses and implementation.

Governance, Risk and Compliance (GRC):
• Assist in the development of strategies, goals and objectives related to governance.
• Supporting efforts associated with governance policies and procedures.
• Develop internal assessments for IT systems and processes.
• Assist in providing guidance to building structures and processes related to governance.
• Identifying risks associated with risk management.
• Supporting analysis and monitoring of risk assessments.
• Supporting the analysis of laws and regulations associated with compliance.
• Supporting the development of controls and compliance activities.
SPECIAL SKILLS, KNOWLEDGE AND QUALIFICATIONS
• Must possess a working knowledge of network technologies, related communications hardware/software concepts and systems.
• Must possess a working knowledge of test equipment used to solve communications hardware/software problems.

OTHER RESPONSIBILITIES
• Accept ERO position as needed.
• Accept outage position as needed.
• Ability to obtain and maintain unescorted access.

ENVIRONMENTAL & PHYSICAL REQUIREMENTS (Non-Plant)
• Environmental and physical requirements are subject to crouching, stooping, bending, twisting and/or lifting up to 30 lbs; ascending/descending stairs; sitting for extended periods of time; and spending considerable time in front of computer monitors.

WORKING CONDITIONS
• Overtime and alternate work schedules as needed.
• Subject to callouts twenty-four hours per day seven days per week.
• Travel may be required.
• May be required to carry a phone.

WORK LOCATION
• Due to the nature of the work, this position provides the ability for a hybrid work schedule between Site and an alternate work location. Alternate work locations require adequate technology and that a solid ergonomic setup is present.

Note: Work schedules are contingent on business need.

Posting closes - January 23, 2025

STP is an equal employment and affirmative action employer and is committed to nondiscrimination in all matters relating to employment throughout the organization. STP will make every good faith effort to meet or exceed its affirmative action goals and commitments.

We thank all individuals for their interest; however, only those chosen for an interview will be contacted.

NOTE: In order to be considered for this position you must complete the entire application process, which includes answering all prescreening questions and providing your eSignature on or before the requisition closing date.

**Other details**
• Pay Type: Salary