South Jersey Industries Governance Risk and Compliance Analyst in United States
The role will be responsible for establishing appropriate Critical Access and SOD rule sets for different applications (Workday Financials and HCM, Oracle Customer Care & Billing (CC&B), Maximo and Hyperion), managing IT organizational policies and standards in support of legal and regulatory compliance needs, designing and testing general IT and organizational information security controls and interfacing with Internal Audit and business leaders to ensure that controls are designed and operating effectively. The GRC analyst will be responsible for helping to manage IT compliance for SJI utilizing Saviynt Security Manager (SSM). The individual will manage and support GRC activities within Saviynt; such as establishing user access requests and approval workflows, critical access and segregation of duties (SOD) assessments for multiple business processes, user access reviews, data governance, and IT and Cyber risk management functions.
Work as a GRC lead to design, develop, build, and test the Saviynt IGA solution to support SJI business and audit requirements.
Interact/coordinate with business stakeholders for various business processes supported by applications (Workday, Oracle CC&B, etc.), to define, build, test and support user access request and approval workflows, user access reviews and critical access and SOD assessments requirements.
Ensure controls designed in Saviynt meet control objectives as defined by Management and tested by Internal and External Auditors.
Continually monitor controls throughout the fiscal year to ensure controls are operating effectively and communicate status to appropriate business and audit stakeholders.
Provide solution options, knowledge- and experience-based recommendations and projected impacts to address gaps between control objectives and designed control activities
Resolve technical issues through debugging, research, and investigationProvide technical expertise and real-life experience in creating solutions, design, proof of concept and implementation.
Plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data.
Update SOD frameworks and matrix with strong partnership between the business and supporting functions.
Strong understanding of fundamental information security concepts and technology
Experience with Workday and Oracle application security
Java/J2EE and strong SQL knowledge is ideal, knowledge of Web Services (REST/SOAP)
Strong technical presentation and communication skills, both verbal and written
Ability to work independently, adapt quickly, and maintain a positive attitude
Sound business and technical acumen
Strong sense of task ownership and self-motivation
Problem solver, ability to troubleshoot and break down complex issues into an actionable progression of tasks
5 + years overall relevant experience, including identity governance, audit, cyber risk, consulting, or related services
Significant experience with legal and regulatory compliance standards such as SOX, GDPR, HIPAA, NERC-CIP, etc.
Familiarity with control frameworks, such as ISO or NIST Cybersecurity Frameworks
Experience with IT governance, risk, and compliance management in a large environmentUtility industry experience is ideal
Experience with documenting and testing controls with experience in following test procedures that include Test of Design and Test of Operating Effectiveness.
Other:Certified Information Security Auditor (CISA), Certified Risk and Information Systems Controls (CRISC), Certified Information Systems Security Professional (CISSP)
Explore the Possibilities
If you're looking to make an impact, South Jersey Industries is the perfect place. For interns, college graduates, or experienced professionals, at South Jersey Industries we look for enthusiastic, talented professionals at every level of our enterprise. From call center representatives with excellent people skills to engineers with the vision and expertise to design tomorrow’s energy infrastructure, we know that our people fuel our success. We take pride in recruiting the best talent available for every facet of our business. Explore the possibilities. You'll be sure to find an opportunity that piques your interest.
We are committed to developing and implementing innovative projects that increase energy efficiency and save clients money
We provide an opportunity to build a successful and rewarding career in a variety of functional business areas
We foster individual talents and abilities while promoting the value of teamwork
Our culture prepares you for a lifetime of learning and professional development
Equal Opportunity/Affirmative Action Employer
SJI (NYSE: SJI), an energy services holding company based in Folsom, NJ, delivers energy services to its customers through three primary subsidiaries. SJI Utilities, SJI's regulated natural gas utility business, delivers safe, reliable, affordable natural gas to approximately 690,000 South Jersey Gas, Elizabethtown Gas and Elkton Gas customers in New Jersey and Maryland. SJI's non-utility businesses within South Jersey Energy Solutions promote efficiency, clean technology and renewable energy by providing customized wholesale commodity marketing and fuel management services; and developing, owning and operating on-site energy production facilities. SJI Midstream houses the company's interest in the PennEast Pipeline Project. For more information about SJI and its subsidiaries, click here.