Director IT Governance Risk and Compliance (NERC CIP)


White Plains, US


This position reports to the Vice President of the Technology Business Management Office (TBMO) and is responsible for leading and managing Information Technology’s (IT’s) regulatory compliance (NERC CIP) and project governance programs.


This role also oversees, monitors and tracks compliance with responses and deliverables required from IT by enterprise functions including Internal Audit, Enterprise Risk, Reliability Standards & Compliance, and Business Controls and is responsible for developing and maintaining strong relationships with senior leaders in those functions.


In addition, this role manages the Digital Warehouse operations and maintains the governance framework for enterprise content.


Learn more about us, our clean energy technologies and the trend-setting work we’re doing for New York State at NYPA.


  • Lead the oversight of IT’s NERC CIP compliance. Assess the appropriateness of IT’s regulatory compliance-related rules, controls and policies, identify gaps and, where necessary, formulate proposals for correction.
  • Continually identify applicable regulatory and statutory compliance requirements and controls applicable to NYPA’s Information Technology group in partnership and alignment with other business unit compliance functions.
  • Establish and maintain, in alignment with the Enterprise Portfolio Management Office (EPMO) and IT Project Delivery, the technology project governance framework and controls, and ensure that documentation (policy, process and procedures) and education on the framework are reviewed and updated as needed.
  • Lead IT’s partnership with the Internal Audit, Enterprise Risk Management, and Business Controls teams and act as point for the oversight of IT’s responses and deliverables to those teams in order to reduce risk and comply with corporate governance programs.  
  • Lead the Digital Warehouse team ensuring that content and records management (requests, retention, legal FOILs and holds, destruction, etc.) are run effectively in support of enterprise records management goals and requirements.

Knowledge, Skills and Abilities

  • Strong management and leadership skills, excellent organization skills and attention to detail.  Ability to collaborate and identify/resolve conflicts or barriers to effective teamwork.
  • Excellent interpersonal, verbal/presentation and written communications skills in both technical and non-technical language. 
  • Ability to effectively communicate with varying levels of management and staff in both the business and in IT.
  • Possess a strong moral code and sense of ethics
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, and policies as they relate to IT compliance obligations.
  • Knowledge of IT governance frameworks and standards such as ITIL, ISO 27001/2 and 55001, PMBOK
  • Highly proficient in the use of MS-Office tools (Word, Excel, PowerPoint, Teams, SharePoint), with experience in Power platform tools preferred
  • Willingness to obtain compliance related certifications as needed.

Education, Experience and Certifications

  • Bachelor’s Degree required; Business, Information Management, Computer Science, or a related field preferred
  • Minimum 10 years prior experience in the Information Technology field with exposure to risk management, audit management, project and content governance and compliance 
  • Minimum 3 years of people management / leadership experience. 
  • Regulatory compliance experience required
  • Experience with Health Insurance Portability and Accountability Act (HIPAA) preferred
  • Utility industry experience preferred

Physical Requirements

New York Power Authority is committed to providing fair, competitive, and market-informed compensation. The target salary range for this position is: $167,810 - $205,110. Salary offered will be determined based on the successful candidate’s relevant experience, knowledge, skills, and abilities.


The New York Power Authority and Canals Corporation believe that equity, diversity, and inclusion drive our success, and we encourage women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. As an equal opportunity employer, NYPA/Canals is committed to building inclusive, innovative work environments with employees who reflect communities across NY and enthusiastically serve them. We proudly celebrate diversity and do not discriminate based on race, religion, color, national origin, sex, sexual orientation, gender identity and/or expression, age, veteran status, disability status, pregnancy, marital status, genetic information, arrest record or criminal conviction history, or any other category protected by law.

We are happy to provide reasonable religious accommodations during the hiring process for those in need. If you have a disability or special need that requires a reasonable accommodation, please send a request to

New York is Powered by You

We are a team of over 1,900 energy technologists, IT specialists, business experts, hydro engineers, and other professionals leading the energy revolution. With state-of-the-art technology, advanced R&D, and a modernized infrastructure, we provide New Yorkers with low-cost, clean, reliable power — and we are well on the way to becoming the first fully digital utility in the country. At NYPA, you will be empowered to think big, do good, and transform the energy industry.

NYPA on Forbes "Best of" - again!

NYPA is ranked by Forbes as one of America's best midsize employers for 2022 for the fourth consecutive year! Browse today and apply.







