Skip to content

IT Compliance Analyst

Portland General Electric


IT Compliance Analyst

Note: This role is located in Portland, Oregon. The work in IT is a hybrid model with some days working from home and some days in the office for in person collaboration opportunities. We are able to support work from Oregon and Washington at this time.

Job description

This is an addition to the IT digital program team, under Cybersecurity and Governance. The ideal candidate will be someone that has strong understanding of IT SOX controls, NACHA controls, automated controls, and experience with IT general control environment.

We are looking for someone to work closely with our IT and SOX Compliance teams to design and build operational controls as it relates to compliance. This is an exciting opportunity to strengthen partnerships and ensure compliance standards are met.

This role requires a bachelor’s degree in finance, business, technical field or other related field or equivalent experience and typically five or more years in combination with compliance and one or more years of utility operations, cyber security or auditing in a regulatory environment (Utility/energy preferred).

What you would get to work on:


  • Ensure continuous SOX compliance across all critical business applications.

  • Serve as the subject matter expert for IT leadership, internal and external auditors.

  • Assist in successful completion of daily, monthly, quarterly, and annual user access reviews

  • Collaborate with SOX team in developing testing, devising solutions/processes to meet applicable IT control objectives

  • Partner with SOX and facilitate training for IT and business process and control owners on regulatory and compliance requirements.

  • Gain insight into pain points across IT compliance processes and work with IT application teams to eliminate friction points.

  • Coordinate with the Information Technology Security Team (when needed) for log review and security concerns or issues.

  • Review IT internal processes for compliance with internal policies and procedures.

  • Develop measurable metrics for an improved compliance process and control performance.

  • Data visualization with tools, including script writing, extract, and SQL programming across standard commercial databases (e.g., Oracle, MySQL, etc.) would be strongly preferred.

Operational Procedures, Processes and Practices Analyzes new or revised regulations for SOX, NACHA AND IT GENERAL CONTROLS, requirements and standards. Translates into the appropriate systemic and procedural solutions to enable compliance adherence. Writes and revises standards and provides guidance on implementation.

Compliance Monitoring and Review Tracks and documents data related to compliance controls. Identifies gaps, analyzes trends and recommends remediation strategies. Collaborates with Corporate Regulatory Compliance on initiatives and reviews.

Consultation and Outreach Serves as a subject matter expert for questions related to standards and regulations. Provides both proactive and responsive information on standards and regulations, procedures and processes. Develops and delivers training within operational domain.

Research and Analysis Monitors regulatory and industry websites and other information channels for decisions and developments related to compliance. Researches changes in technology, process or regulation. Analyzes implications, determines which procedures or process are impacted and makes recommendations to management.

Compliance Audits Assists with internal and external audits of federal regulatory compliance matters conducted throughout the company. Provides functional subject matter expertise.

Compliance automation Analyzes ways to automate control performance, control evidence and controls monitoring.

In addition:

Competencies (Knowledge, Skills, Abilities)

  • Advanced knowledge of business processes and procedures in operational domain.

  • Advanced knowledge of relevant regulations and reliability standards. Advanced knowledge of corporate and operational compliance and risk management principles and protocols.

  • Advanced analytical skills, including defining problem or issue, researching solutions and alternatives, supporting conclusions and presenting findings.

  • Intermediate skills in using database and documentation tools.

  • Intermediate business acumen skills

  • Intermediate problem-solving skills

  •  Intermediate decision-making skills

  • Advanced written and oral communication skills

  • Advanced analytical thinking skills

  • Advanced diplomacy skills

  • Advanced organization and prioritization skills

  • Intermediate interpersonal skills

  • Consistent use of logic or scientific thinking to define problems, collect information, establish facts and draw valid conclusions (for example, engineer, HR director, plant manager, etc.).

  • Ability to adhere to set response times, deadlines and time-sensitive tasks

  •  Ability to follow accuracy standards

  • Ability to follow through on decision-making tasks

  • Ability to interact effectively and collaboratively within a team environment

  • Ability to communicate and problem solve when under stress

  • Ability to respond and adapt to frequent change

  • Ability to accept and demonstrate self-awareness when provided constructive feedback

  • Ability to discern feedback and acknowledge ownership of areas of improvement

  • Ability to avoid future mistakes by applying reasonable skills to new but similar work situations or tasks

  • Ability to successfully collaborate with peers, managers and others within the organization Demonstrates sound memory

  • Ability to process latest information to be applied consistently to work tasks


  • Ability to work long hours

  • Ability to work a variable schedule

  • Ability to report to work and perform work during periods of severe inclement weather

  • Ability to consistently meet attendance standards for regular, reliable, predictable, full-time attendance

  • Driving/travel/commute: Overnight inside/outside the service territory - Occasionally (one to two times a month or less)

  • Computer use (use computer regularly for entire work shift)

Related Jobs

Senior DevOps Engineer   Portland, OR new
July 26, 2021
Director, Analyst Relations   5500 Meadows Rd, Suite 500, Lake Oswego, OR new
July 26, 2021
July 22, 2021