Join the diverse and dynamic team that powers Michigan's largest energy provider and one of the nation's largest gas and electric combination utilities. Consumers Energy services 6.8 million of Michigan's 10 million residents - caring for our friends and neighbors in all 68 Lower Peninsula counties. We embrace a cleaner and leaner utility vision focused on eliminating energy waste and adding renewable energy from sources such as wind and solar.
Location
This position is located in our headquarters in Jackson, MI with required hybrid in-office working days of Monday, Tuesday, and Thursday. Leadership may reserve the right to change the required working days.
General Summary of Job Responsibilities
The Senior Principal Technical Compliance Analyst ensures transparency, due diligence, and deliberate actions regarding both cyber and physical security requirements to prevent life safety, financial, regulatory, and reputational harm to the company. This role involves managing compliance activities for various regulatory requirements, including NERC-CIP, PCI, FERC Hydro, TSA, API-1164, MARSEC, NRC, and SOX. Key responsibilities include designing and monitoring compliance controls, preparing for and participating in audits and assessments, managing small projects, problem-solving, and implementing root cause mitigations. The analyst ensures compliance with security requirements, facilitates the review of technical and non-technical requirements, and translates technical requirements for stakeholders. They establish effective working relationships with various stakeholders, including IT and OT, and engage with external regulators to ensure all requirements are met. Emphasis is placed on quality and continuous improvement in adherence to regulations and risk mitigation. The position requires strong critical thinking and analytical skills, the ability to work independently, and a commitment to quality and continuous improvement in regulatory adherence and risk mitigation.
Essential Duties and Responsibilities
- Provide project-manager-style support for compliance-based projects by utilizing professional judgment for scope, budget, and timing. Able to create and maintain visual management and status updates that can be shared broadly with all levels of employees / leadership.
- Develop, implement, and sustain compliance programs for network and software systems to comply with requirements.
- Collaborate closely with IT, legal, and other departments to ensure comprehensive compliance coverage. Work with engineering and architecture teams to evaluate new security tools and platforms, ensuring they meet regulatory requirements, best practices, and company needs.
- Acts as the Security SME for regulatory reviews and audits, including NERC CIP, FERC Hydropower, and TSA Pipeline. Leverages deep compliance knowledge to advise on designing and implementing compliant solutions.
- Participate in operational reviews and other meetings to ensure all work is known and transparent. Discuss workload, deadlines, expectations, escalations, and barriers intelligently and effectively.
- Proficient and confident in engaging with auditors and representing the company. Capable of articulating our layered security approach clearly and concisely to both internal and external auditors.
- Leverage expertise to make informed decisions and solutions for current and incoming work, demonstrating clear, thoughtful approaches and situational awareness to all leadership levels. Regularly meet with stakeholders (Operational Technology, IT, regulatory analysts, Corporate Security, Internal Controls, etc.) to address compliance questions, ensuring decisions and action items are documented and executed. Exhibit subject matter mastery in all interactions.
- Other essential duties as assigned or may be necessary.
- Ownership of remediation analysis and activities, including reviewing solutions with required stakeholders (Operational Technology, IT, regulatory analysts, Corporate Security, etc.) to demonstrate that non-compliances have been remediated. Document results and review with relevant parties. Independently own and demonstrate broad thinking that considers matters across several departments, displaying professional judgment and decision-making. Additionally, own the review of potential non-compliances by investigating incidents, comparing actual occurrences to expected outcomes, and conducting conversations with key parties to determine the true nature and extended impact of incidents. Document results and review with relevant parties.
- Provide backup support as team lead when necessary, build consensus on what direction the team should follow, and mentor/train others. Utilize critical thinking and the ability to present ideas well to all levels of personnel, including executive directors, directors, sr. managers, etc.
Knowledge/Skills/Abilities
- Leadership-type capabilities
- Technical skills required relating to cyber and physical security technologies
- Strong communicator with peers, regulators, and legislators, demonstrating excellent interpersonal, presentation, and listening skills
- Conducting and receiving audits, interacting with auditors and managing remediation plans
- Ability to build relationships through integrity and trust
- Knowledge in regulatory compliance including controls development, regulatory analysis, process development, audits, automation and technical capabilities
- Understanding of physical and cyber security terminology and concepts
Education / Experience
- Bachelor's Degree in IT, Cyber Security, Computer Science or Related Field with 10 years of experience in IT or Cyber Security OR
- Associate's Degree in IT, Cyber Security, Computer Science or Related Field with 12 years of experience in IT or Cyber Security OR
- High School Diploma or GED with 14 years of experience in IT or Cyber Security
Why should you join our team?
At Consumers Energy, we offer more than just a place to work. We foster a culture that supports career development, growth, and stability, and we take pride in offering our co-workers excellent benefits and compensation packages. We are deliberately creating an inclusive culture that makes our diverse team of co-workers feel valued, supported, and empowered every day. We're a company made up of thousands of people, all with different stories to share and work to do, but we stand united in our company purpose: world class performance delivering hometown service.
What we offer:
- Competitive compensation packages
- Medical, Dental and Vision
- 401k with company match
- Paid parental leave
- Up to 13 paid Holidays
- Paid time off
- Educational Assistance Program
Diversity, Equity & Inclusion:
We, at CMS Energy, value Diversity, Equity, & Inclusion. It is part of our DNA. We treat our employees with respect, we treat each other fairly and we value the opinions of others. We are passionate about building and nurturing an environment where everyone feels included. We don't discriminate. We seek to learn about each other and better understand our unique differences. Our uniqueness makes us authentic. We create safe spaces where everyone can be who they truly are. We invite difficult conversations and uncomfortable topics. We value diverse perspectives; this is what makes us great together. We harbor an inclusive environment where employees feel empowered to share their backgrounds, experiences, and ideas. Our Employee Resource Groups, Women's Advisory Panel (WAP), Women's in Energy (WE), Minority Advisory Panel (MAP), Pride Alliance of Consumers Energy (PACE), GENERGY, capable, Interfaith and Veterans Advisory Panel (VAP) are key enablers to living the values of our company culture: Caring, Empowered, Deliberate, Agility, and Ownership.
All qualified applicants will not be discriminated against and will receive consideration for employment without regard to protected veteran status, disability, race, color, religion, sex, age, sexual orientation, gender identity or national origin.