At PGE, our work involves dreaming about, planning for, and realizing a smarter, cleaner, more enduring Oregon neighborhood. It’s core to our DNA and we haven’t stopped since we started in 1888. We energize lives, strengthen communities and drive advancements in energy that promote social, economic and environmental progress. We’re always on the lookout for people passionate about leading and being a part of teams that are advancing innovative clean energy solutions that are also affordable and accessible to all.
Job Function Information:
Risk Management: Design information systems security infrastructure. Develop policies and procedures to prevent unauthorized access. Educate and communicate security requirements and procedures to users and new employees. Ensure compliance with regulations and privacy laws. May oversee internal or external systems security (i.e., cloud services). Needs may include performance in the capacity of analyst, auditor or consultant.
Key Responsibilities:
- Develop and communicate policy and standards: Advises internal business and IT stakeholders on information security requirements, policies and standards.
- Assists in promoting awareness of security issues among management and employees.
- Explains the purpose of and provides advice and guidance on the application and operation of physical, procedural and technical security controls.
- Contributes to the development and update of information security policies and processes.
- Risk Assessment: Performs security risk, vulnerability assessments and business impact analysis for medium complexity information systems.
- Identifies observed or emerging security exposures that create potential threats to infrastructure, systems or data.
- Prepares reports of findings.
- Tracking and Reporting: Monitors and follows up to ensure that appropriate mitigation and remediation actions have been taken on risk-assessment findings.
- Gathers and creates information security metrics reports for management using appropriate visualization techniques.
- Vendor Risk Management: Conducts technical and policy-based information security risk reviews of third-party vendors.
- Reviews RFPs to ensure information security requirements are fully and correctly stated.
Education/Experience/Certifications:
- Education: Requires a bachelor’s degree in computer science, information systems or other related field or equivalent experience preferred.
- Experience: Typically five or more years in related field.
Competencies (Knowledge, Skills, Abilities):
- Intermediate knowledge of information system risk management principles and best practices
- Intermediate knowledge of Windows, UNIX and network administration
- Intermediate knowledge of hardening systems
- Intermediate knowledge of network and communication systems and equipment
- Intermediate knowledge of PC and productivity software
- Working knowledge of the utility industry
- Intermediate knowledge of relevant technology standards (e.g., ISO, ITIL, COBIT, NIST)
- Intermediate knowledge of security issues, techniques and implications across all existing computer platforms
- Intermediate knowledge of hardware and software products that enhance the security of systems, such as intrusion prevention systems (host and network based), firewalls, security event management systems, port scanning and vulnerability identification, monitoring and logging mechanisms
- Intermediate knowledge of security architecture models and principles
- Working skill in using a variety of visualization techniques to effectively present information
- Intermediate ability to communicate security and risk-related concepts to technical and nontechnical audiences, including all levels of management, both orally and in writing
- Advanced customer focus skills
- Advanced accuracy skills
- Advanced oral and written communication skills
- Advanced interpersonal skills
- Advanced decision-making skills
- Advanced organization and prioritization skills
Physical and Cognitive Demands - Cognitive Level: Substantial
- Consistent use of logic or scientific thinking to define problems, collect information, establish facts and draw valid conclusions (for example, engineer, HR director, plant manager, etc.)
- Cognitive: Ability to adhere to set response times, deadlines and time-sensitive tasks
- Ability to follow accuracy standards
- Ability to follow through on decision-making tasks
- Ability to interact effectively and collaboratively within a team environment
- Ability to communicate and problem solve when under stress
- Ability to respond and adapt to frequent change
- Ability to accept and demonstrate self-awareness when provided constructive feedback
- Ability to discern feedback and acknowledge ownership of areas of improvement
- Ability to avoid future mistakes by applying reasonable skills to new but similar work situations or tasks
- Ability to successfully collaborate with peers, managers and others within the organization
- Demonstrates sound memory
- Ability to process new information to be applied consistently to work tasks
Physical Capabilities:
- Driving/travel/commute: Daily within service territory - Frequently (at least once a week or more)
- Driving/travel/commute: Daily within service territory - Occasionally (one to two times a month or less)
- Driving/travel/commute: Overnight inside/outside the service territory - Frequently (at least once a week or more)
- Driving/travel/commute: Overnight inside/outside the service territory - Occasionally (one to two times a month or less)
- Computer use (use computer regularly for entire work shift)
- Lifting/pushing/pulling: Up to 10 lbs.
- Lifting/pushing/pulling: Up to 50 lbs.
- Lifting/pushing/pulling: More than 50 lbs.
- Carrying: Up to 10 lbs.
- Carrying: Up to 50 lbs.
- Carrying: More than 50 lbs.
- Unstable surfaces requiring balance (i.e., moving equipment, boats)
- Elevated areas (i.e., catwalks, roofs and high buildings)
- Confined spaces
- Walking distances and surfaces (long distances and over rough, uneven or rocky surfaces)
- Stairs (over 10 steps)
- Ladders (over 10 rungs)
Environment - Indoor/Outdoor (check all that apply):
Compensation Range:
$33.10 - $160,500.00
Actual total compensation, including a performance-based incentive bonus, is commensurate with experience, skills, qualifications, education, training, and internal equity. While we anticipate the selected candidate for this position will fall towards the middle or entry point of the compensation range, the decision will be made on a case-by-case basis.
PGE believes in rewarding dedicated performance. We provide a total rewards package that is designed to reward your contributions to the company, and, at the same time, support your well-being and professional development, both now and into the future.