Logo
Calpine

Director, Information Technology - Governance, Risk & Compliance (GRC)

Calpine, Houston, Texas, United States, 77246


Director, Information Technology - Governance, Risk & Compliance (GRC)

Job Category:

ISRequisition Number:

DIREC007226Apply nowPosted: September 19, 2024Full-TimeLocations

Houston Office717 Texas AveSte 1000Houston, TX 77002, USACalpine Corporation is America's largest generator of electricity from natural gas and geothermal resources with operations in competitive power markets. Its fleet of 77 power plants in operation represents over 27,000 megawatts of generation capacity. Through wholesale power operations and its retail businesses, Calpine serves customers in 22 states and Canada. Its clean, efficient, modern and flexible fleet uses advanced technologies to generate power in a low-carbon and environmentally responsible manner.Job SummaryThe Information Technology Director - Governance, Risk, and Compliance (GRC) is primarily responsible for providing leadership, as well as operational and tactical direction to diverse teams, including analysts, advisors, and architects. The Director also provides strategic direction in coordination with the Chief Security Officer (CSO) leadership team. The Director leads the team through the GRC program by establishing highly effective policies, corporate protocols, and appropriate collaboration among teams. In addition, the Director assumes responsibility for the education and enforcement of GRC protocols and matters of compliance.This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. The role requires the ability to speak confidently in front of large groups and with corporate management, vendors, and service providers. The Director also contributes to the company GRC strategy and roadmap.Job ResponsibilitiesOversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) and operational technology (OT) systems meet the organization's cybersecurity, regulatory, and risk requirements.Ensures all regulatory requirements for new and operating assets are known, tracked, prepared for and met on time.Research compliance issues and trends, formulate recommendations and solutions to support conclusions, and provide practical advice for corrective action, innovation, and continuous process improvements.Incorporate cybersecurity provisions in contracts/agreements with third parties.Manages multiple functions within a department with responsibility for results in terms of costs, methods and employees.Responsible for performance reviews, promotional decisions, and pay actions for top professionals and management.Develops productive business partner relationships and proactively interacts with key management personnel at all levels.Recognizes his/her personal developmental needs and is proactive in obtaining the coaching, networking, and training needed to ensure his/her continued success in the position.Creates a working environment that is conducive to two-way communication, teamwork, and learning.Acts as a change agent and drives the department and business forward using effective management, analysis, and strategic skills.Assumes responsibility for other duties as required or assigned.Job RequirementsBachelor’s degree in Computer Science, Information Assurance, Management Information Systems (MIS) or equivalent, prefer Master’s Degree in Information Systems OR equivalent work experience.CISA, GRCP, CISSP, CISM, GIAC preferred.Preferably 15+ years of hands-on GRC experience, with at least 3-5 years in a team leadership role.In-depth knowledge of security standards and frameworks such as NIST, NERC CIP, TSA Pipeline, PCI, and SOX.Knowledge of risk management processes.Cybersecurity Supply Chain Risk Management experience.Experience with RSA Archer eGRC.Excellent problem-solving skills and entrepreneurial spirit.Attention to detail and the ability to prioritize numerous assignments in a fast-paced environment.Strong understanding of information and operational technology (IT and OT) systems.Ability to communicate technical concepts to non-technical stakeholders.Possesses a high level of integrity, trustworthiness, and confidence.Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulation.Additional Calpine InformationEqual Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.Calpine is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities.

#J-18808-Ljbffr