Arizona Public Service generates clean, reliable and affordable energy for 2.7 million Arizonans. Our service territory stretches across the state, from the border town of Douglas to the vistas of the Grand Canyon, from the solar fields of Gila Bend to the ponderosa pines of Payson. As the state's largest and longest-serving energy provider, our more than 6,000 dedicated employees power our vision of creating a sustainable energy future for Arizona.
Since our founding in 1886, APS has demonstrated a strong commitment to our customers in one of the country's fastest growing states, earning a reputation for customer satisfaction, shareholder value, operational excellence and business integrity.
Our present and future success depends on the creative and dedicated people of our company who demonstrate the principles outlined in the APS Promise: Design for Tomorrow, Empower Each Other and Succeed Together.
The Cyber Info Assurance Analyst II/III isresponsible for the design and implementation of information assurance and data security in SOX In-Scope Key Applications by developing and managing the Company's SOX General IT Controls (GITCs) compliance program. Coordinate all aspects of GITCs over SOX In-Scope Key Applications by providing subject matter expertise on control matters with a primary focus on SOX compliance across Cybersecurity and IT. Collaborate with management, internal and external audit, Cybersecurity and Information Technology teams to evaluate internal control over SOX In-Scope Key Applications. From the cybersecurity perspective, assess and mitigate data security threats and risks throughout the SOX Compliance program and validate data security requirements through analysis.
Level II
Level III
Preferred Special Skills, Knowledge or Qualifications:
1) Follow information security and data privacy framework controls to ensure adequate protection procedures exist around APS's SOX In-Scope Applications and supporting systems.
2) Maintains and regularly reconciles, in partnership with the SOX Compliance and Technical Accounting Research Consultant, the inventory of SOX In-Scope applications and supporting systems to build a proactive and compliant SOX GITC program.
3) Provides analysis, design, development, implementation and security assessments to ensure SOX compliance
4) Facilitate the development of documentation in support accreditations, and perform vulnerability management activities for SOX In-Scope Key Applications and supporting systems.
5) Complete audits of the SOX In-Scope Key Applications or supporting systems, aligning controls and requirements to company adopted frameworks
6) Initiate improvements of processes, systems, or products to enhance performance of the technical area
7)Communicate status of annual plan, evaluate audit findings, and provide recommendations for remediation to management, process owners, and internal and external audit teams.
8)Conduct annual SOX GITC "refresh" to assess updates, additions or deletions needed across all GITCs in place. Evaluate the impact of new or updated IT systems and provide expertise of the impact to the Company's SOX compliance program.
9). Develop and maintain strong working relationships with management and internal and external auditors. Act as a liaison between the groups with regard to SOX compliance and SOX GITC audit testing plans.
10). Assist process owners and internal audit with the SOX risk assessment and maintenance of SOX documentation for new or changing processes, risks, and IT systems.
11). Develop and deliver SOX training and ensure stakeholders are sufficiently trained on SOX GITC requirements, design, and ownership.
12). Perform deficiency evaluations to determine impact of identified GITC issues and update quarterly SOX log for distribution to the SOX Steering Committee and Audit Committee; lead mitigation efforts with control owners and performers for identified GITC deficiencies until remediated.
This position may require access to and/or use of information subject to control under the Department of Energy's Part 810 Regulations (10 CFR Part 810), the Export Administration Regulations (EAR) (15 CFR Parts 730 through 774), or the International Traffic in Arms Regulations (ITAR) (22 CFR Chapter I, Subchapter M Part 120) (collectively, 'U.S. Export Control Laws'). Therefore, some positions may require applicants to be a U.S. person, which is defined as a U.S. Citizen, a U.S. Lawful Permanent Resident (i.e. 'Green Card Holder'), a Political Asylee, or a Refugee under the U.S. Export Control Laws. All applicants will be required to confirm their U.S. person or non-US person status. All information collected in this regard will only be used to ensure compliance with U.S. Export Control Laws, and will be used in full compliance with all applicable laws prohibiting discrimination on the basis of national origin and other factors. For positions at Palo Verde Nuclear Generating Stations (PVNGS) all openings will require applicants to be a U.S. person.
Pinnacle West Capital Corporation and its subsidiaries and affiliates ('Pinnacle West') maintain a continuing policy of nondiscrimination in employment. It is our policy to provide equal opportunity in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. This policy of nondiscrimination shall include, but not be limited to, recruiting, hiring, promoting, compensating, reassigning, demoting, transferring, laying off, recalling, terminating employment, and training for all positions without regard to race, color, religion, disability, age, national origin, gender, gender identity, sexual orientation, marital status, protected veteran status, or any other classification or characteristic protected by law.
For more information on applicable equal employment regulations, please refer to EEO is the Law poster. Federal law requires all employers to verify the identity and employment eligibility of every person hired to work in the United States, refer to E-Verify poster. View the employee rights and responsibilities under the Family and Medical Leave Act (FMLA).
Arizona Public Service is a smoke free workplace.
FlexRole:
This position is not required to be performed at a specific APS facility as long as adequate technology and a solid ergonomic set up are present. Pending agreement with leadership, employees hired into this role will be able to choose where they prefer to perform their work. Employees will have two options to choose from:
*Employees in Flex roles are required to reside in Arizona (or NM for Four Corners-based employees). Role types are subject to change based on business need.
Click the checkbox next to the jobs that you are interested in.
Audit Management Skill
Control Objectives for Information and Related Technology (COBIT) Skill
AQUA Information Systems, Inc., Phoenix, AZ
honeywell, Phoenix, AZ