Technology Risk and Compliance Specialist
Southern Company - atlanta, GA
Apply NowJob Description
Summary This position will oversee and direct the Technology Organization's Business Continuity Program, including Crisis Management. During quieter times, it will support other risk and compliance activities. Reporting to the Technology Risk and Compliance Manager, this role is part of the Risk and Compliance team within Technology Services, which administers various compliance programs and offers risk management services. Job responsibilities Oversee and enhance the Technology Organization (TO) Business Continuity Program. Collaborate with technology staff to revise the business continuity plan (BCP) annually. Create and manage the annual testing and exercise schedule for the BCP. Work alongside TO Leadership, including the CIO, to implement continuity plans during events. Present program updates to executive leadership. Evaluate recovery strategies with critical activity owners. Provide training and hold awareness workshops for responding staff. Develop, implement, and update the business impact analysis with the Enterprise Resilience Team. Lead the TO crisis management process and incorporate related plans. Establish and administer a comprehensive crisis management strategy. Facilitate execution and testing of the crisis management procedures. Report on the Crisis Management Program's status to executive leadership. Act as the Subject Matter Expert on technology risk and control activities. Represent the TO in various auditing processes. Conduct risk assessments of new applications and their supporting infrastructure. Facilitate the creation and documentation of TO Policies and Standards. Provide management-level summaries of risk and compliance issues to senior management. Develop, document, and publish metrics to measure the success of the TO. Identify and recommend operational efficiency improvements for compliance activities. Assist in updating the Technology Organization Risk profile. Education Requirements A bachelor's degree in fields like information security, computer science, MIS, CIS, or a related area is preferred for college graduates. Preferred Certifications Industry certifications including but not limited to: Disaster Recovery and Crisis Management: ABCP, CBCP, CDRE, CFCP, MBCP, CMCS Risk Management: CRISC, CISA, CGEIT Experience Requirements Prior experience in disaster recovery, business continuity or crisis management Preferred Areas of Knowledge Disaster Recovery Business Continuity Crisis Management Governance/Risk and Compliance Skills Desired Possesses experience in developing, implementing, maintaining, and overseeing policies, standards, procedures, programs, plans, and processes. Proficient in handling Business Continuity, Disaster Recovery, and Crisis Management programs. Experienced in enterprise risk management, including threat assessment, vulnerability management, and risk mitigation. Meticulous in a dynamic environment with strong verbal and written communication skills at all levels. Excellent interpersonal skills for effective interaction with departments, auditors, and management. Able to comprehend complex technical information and explain it to non-technical audiences. Exhibits strong analytical abilities, a positive attitude, teamwork, and innovative problem-solving skills. Shows effective time management, sound business judgment, and the ability to handle multiple tasks and prioritize work. Knowledgeable in Microsoft Suite products (Word, Excel, PowerPoint). Balances compliance needs and technical operational requirements while tactfully managing relationships at all levels. Adept at leading discussions with employees and senior executives and coordinating external consultants for process and program development activities. Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers' and communities' needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law. Job Identification: 8200 Job Category: Information Technology Job Schedule: Full time Company: Southern Company Services
Created: 2024-10-23