It Regulatory, Compliance, And Audit Manager

Green Mountain Power is seeking an experienced Regulatory, Compliance, and Audit Manager to join its IT Security Operations Team. In this position you will play a critical role in ensuring the organization's adherence to all relevant regulatory and Audit requirements, compliance standards, and internal IT policies, especially, as they relate to information security programs, projects, and governing frameworks.

Preferred candidates will possess the skills and experience necessary for overseeing all compliance and Audit activities and implementing and coordinating measures to safeguard the organization's assets, information, and overall security posture.

Key Responsibilities

• Stay up to date with the latest security-related laws, regulations, and industry standards.
• Research, develop, and maintain a comprehensive understanding of relevant regulations and frameworks (e.g., CIS18, NIST, ISO 27000, GDPR, NERC CIP, SOC, FERC ASCC).
• Collaborate with security, IT, legal, and internal/external audit teams to ensure security practices align with Federal and State regulatory requirements and standards.
• Implement and monitor compliance programs, processes, and policies to maintain a strong security posture.
• Prepare audit schedules, define scope, and coordinate with key stakeholders and resources to address identified gaps or vulnerabilities.
• Analyze audit and pen-test findings, propose corrective actions, and monitor implementation of corrective measures.
• Develop, update, and communicate security policies, standards, and procedures that align with industry best practices and regulatory requirements.
• Ensure that security policies and procedures are consistently applied across the organization.
• Prepare and submit compliance reports to relevant regulatory authorities and stakeholders as needed.
• Develop and deliver regular reports to senior management on the organization's security compliance status.
• Conduct recurring training sessions to educate staff and leadership on compliance requirements and best practices.

Qualifications and Skills

• Bachelor's degree in computer science, information security, or equivalent experience working within an IT enterprise, security operations, audit, or legal organization is advantageous.
• Strong knowledge of security frameworks, industry standards, and best practices (e.g., NIST, CIS, SOC, etc.).
• Excellent analytical and problem-solving skills with keen eye for detail.
• Comfort with understanding and interpreting IT terminology, practices, and architectures.
• Exceptional communication and interpersonal skills.
• Strong leadership skills to lead and motivate cross-functional teams.
• Ability to work independently and under pressure in a fast-paced technology environment.

This position is flexibly based out of our Colchester or Rutland, Vermont locations and the opportunity for hybrid work is also possible. The nature of this role does require on-site meetings to coordinate work and team activities, especially, during project ramp-up and internal audit phases.

About Green Mountain Power

Green Mountain Power serves more than 270,000 residential and business customers in Vermont with electricity that's 100% carbon free and 80% renewable on an annual basis, and GMP is partnering with customers to improve lives and transform communities. GMP is providing solutions to cut carbon and is delivering electricity that is clean, affordable, and always on. GMP is the first utility in the world to get a B Corp certification, meeting rigorous social, environmental, accountability and transparency standards and committing to use business as a force for good. In 2022, GMP was named to TIME's list of the 100 Most Influential Companies. Fast Company named GMP one of the top five Most Innovative Companies in North America in 2022. GMP also earned a spot on Fast Company's Most Innovative Companies in the World list in the energy sector four years in a row, and in 2023 and 2021 the Smart Electric Power Alliance (SEPA) honored GMP as a nationwide leader in energy transformation.

Don't meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At GMP we are dedicated to building a diverse, inclusive, and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Women and Minorities are encouraged to apply.

Green Mountain Power is an Equal Opportunity Employer