Cybersecurity Sox Compliance Analyst

WHO WE ARE

"Energizing the Future."

TransAlta owns, operates, and develops a diverse fleet of electrical generation assets in Canada, the United States, and Australia, providing municipalities, industries, and businesses with safe, low-cost, and reliable clean electricity. For over 111 years, TransAlta has been a responsible operator and proud community member where its employees work and live. We are committed to fostering a dynamic, productive, and safe work environment. Our employees contribute to a diverse, open, and transparent culture with clear accountabilities, strong leadership, and challenging opportunities for personal career growth.

For more information about TransAlta, visit our website at, www.transalta.com.

Our Commitment to Equity, Diversity, and Inclusion

It is our collective mission to ensure that every single employee feels a sense of inclusion and belonging and can show up to work as their true authentic self. TransAlta is committed to hiring a diverse workforce including women, Indigenous Peoples, persons with disabilities, members of visible minorities, and members of the LGBTQ2+ community. TransAlta believes that diversity enhances the quality of its performance, is an essential element of effective corporate governance, and cultivates a strong workplace culture.

ABOUT THE ROLE

This role is assigned to lead the management and alignment of SOX ITGC compliance cybersecurity duties. The ideal candidate for this role has strong analytical, communication, and project management skills, as well as a solid understanding of IT general controls, SOX compliance, and cybersecurity frameworks. You will work closely with various stakeholders across the organization, including IT, finance, internal audit, and external auditors, to ensure the effective design and operation of ITGCs and remediation of any deficiencies. You will also monitor and report on the status of cybersecurity initiatives and compliance activities, ensuring alignment with SOX requirements and best practices.

This role reports to the Manager, Cybersecurity and Risk Management.

• Lead the identification, analysis, and communication of cybersecurity deficiencies/gaps, presenting detailed and pragmatic recommended solutions aligned with business goals and risk management in relation to SOX compliance.
• Drive the development and oversee the implementation of strategies for key process improvements in the realm of SOX compliance and cybersecurity.
• Champion and oversee the training initiatives and the design/implementation of procedures aimed to automate/streamline SOX compliance processes.
• Elicit, gather, and prioritize business requirements with a particular focus on ensuring cybersecurity best practices.
• Foster advanced stakeholder engagement, ensuring a comprehensive requirements analysis.
• Lead and facilitate workshops tailored to senior stakeholders to align cybersecurity objectives.
• Coordinate and lead end-user training sessions with a focus on cybersecurity and SOX compliance.
• Facilitate and liaise with Internal/External Audit program stakeholders to ensure alignment and SOX compliance ITGC reporting.
• Perform thorough analysis of requirements, ensuring top-tier quality assurance for:

o Operational documentation.

o Process and procedures with a cybersecurity focus.

o Site Profiles emphasizing security attributes.

o Solution design tailored to cybersecurity standards.

o Specialized cybersecurity training modules.

o Templates designed for SOX and cybersecurity compliance.

o Comprehensive reports detailing compliance and cybersecurity posture.

• Proactively obtain, review, and interpret compliance control evidence, ensuring alignment with SOX requirements and cybersecurity standards.
• Collaborate with internal and external auditors to facilitate audit requests, testing, and remediation of any findings.
• Monitor changes in IT systems, processes, and policies to assess the impact on compliance and cybersecurity controls and update documentation accordingly.
• Provide guidance and training to IT staff and business stakeholders on compliance and cybersecurity best practices, policies, and procedures.
• Support the development and implementation of new or improved compliance and cybersecurity controls, tools, and processes.
• Assist in the performance of periodic risk assessments and gap analyses to identify and mitigate potential compliance and cybersecurity issues.

WHAT WE NEED FROM YOU

• A bachelor's degree in computer science, information systems, or a related field.
• A minimum of three years of experience in SOX compliance and cybersecurity, preferably in a regulated industry such as energy, finance, health care, or government.
• Relevant certifications such as CISSP, CISA, CISM, or CRISC are an asset.
• A solid understanding of compliance and cybersecurity frameworks, standards, and best practices, such as SOX, NIST, ISO.
• Proficiency in using various tools and technologies for compliance and cybersecurity monitoring, testing, and reporting.
• Strong communication, collaboration, and presentation skills, with the ability to explain complex technical concepts to non-technical audiences.
• Excellent analytical and problem-solving skills, with the ability to identify, assess, and resolve compliance and cybersecurity issues in a timely and effective manner.
• A high level of professionalism, integrity, and ethical conduct in all aspects of your work.
• A proactive and continuous learning attitude, with the willingness to seek feedback and improve your knowledge and skills

We offer our employees comprehensive and flexible benefits, competitive compensation, annual incentives, and a rewards program. To learn more about we can energize your future, check out our new Employee Experience Booklet.

Become part of our TransAlta team today! We look forward to reviewing your application. All applications will be reviewed in a timely manner to the best of our abilities. We appreciate your patience and understanding during the recruitment process.