Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.

Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team!

Overall Purpose:

The Information Security Governance, Risk, and Compliance ("GRC") team is responsible for ensuring that Duquesne Light's information security objectives are met. This group focuses on compliance with the company's IT and Information Security policies and procedures.

Location: Hybrid, downtown Pittsburgh, Pennsylvania

Job Responsibilities:

• Develop, enhance, and maintain information systems, platforms and IT operating compliance procedures and processes.
• As a member of the Change Control team, participates and/or leads CAB meetings, reviews evidence and tests updates to the change management application.
• Responsible for the timely completion of various compliance deliverables including risk assessment, remediation, and compliance efforts including documentation reviews, recovery exercises, asset baselines and user reviews.
• Monitor metrics that measure the IT and Information Security Framework to ensure that maturity goals are met.
• Track and ensure adequate and timely resolutions to all audit/review issues relating to security.
• Perform 3rd party vendor risk assessment program as needed.
• Utilize analytical skills to develop future strategies to resolve compliance issues.
• Prepare for and support compliance audits conducted by internal resources, consultants, or regulatory organizations.
• Provide Information Security risk advisory and consultative services to internal customers, including IT, business, and risk and compliance stakeholders.
• Provide guidance to other operational staff, including training to new project managers and other employees in completion of compliance practices and procedures.

Education/Experience Requirements:

• Bachelor degree in Information Technology, Computer Science, Cyber Security or related fields
  • Equivalent combination of education and experience may be considered in lieu of a Bachelor's degree.
• Five (5+) or more years of relevant professional experience.

Scope:
Primary focus is on daily deliverables, outputs, and reporting.Accountable for managing ones own time and work flow but may be leading projects or project steps. Work is typically complex in nature requiring the incumbent to draw on previous knowledge to perform role. Continues to build knowledge base but has a solid foundation to act independently the majority of the time. Still draws on experts and managers when needed but less frequently. Acts as a resource to less experienced staff on routine issues.

Decision Impact:

Problems and issues faced are complex. Draws on past experience on a regular basis to solve problems and take new perspectives on existing solutions. Accountable for direct level of reasoning and decision making.

Hybrid Work

Position follows our hybrid work model, with a minimum of two days working in the office and the remaining days working remotely. Reporting location and frequency may be subject to change based on job role and department needs.

Storm Roles

All Non-Union Employees will serve in storm roles as appropriate to their role and skillset. Please be sure to discuss storm roles with the hiring manager for this position, as duties can vary across the Company.Examples of storm roles could include but aren't limited to duties such as: working with operations for service center support or with the communications, customer service or government affairs teams to respond to public and customer requests for information, etc.

Data Governance

Utilize data to make business decisions as appropriate for the position, support data stewardship activities and partner with IT on underlying data needs.

EQUAL OPPORTUNITY EMPLOYER
Duquesne Light Holdings is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light Holdings' commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.

Duquesne Light Holdings is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at HR@duqlight.com and describe the specific accommodation requested for a disability-related limitation.