Risk & Compliance Analyst

San Francisco, California
12 Oct 2016
26 Oct 2016
Oil and Gas
Contract Type
Full Time

Based in San Francisco, Pacific Gas and Electric Company, a subsidiary of PG&E Corporation (NYSE:PCG), is one of the largest combined natural gas and electric utilities in the United States. And we deliver some of the nation's cleanest energy to our customers in Northern and Central California. For PG&E, "Together, Building a Better California" is not just a slogan. It's the very core of our mission and the scale by which we measure our success. We know that the nearly 16 million people who do business with our company count on our more than 24,000 employees for far more than the delivery of utility services. They, along with every citizen of the state we call home, also expect PG&E to help improve their quality of life, the economic vitality of their communities, and the prospect for a better future fueled by clean, safe, reliable and affordable energy.

Pacific Gas and Electric Company is an Affirmative Action and Equal Employment Opportunity employer that actively pursues and hires a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, age, religion, physical or mental disability status, medical condition, protected veteran status, marital status, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information or any other factor that is not related to the job.

Department Overview

The purpose of the Compliance and Risk Management (CRM) department is to assure that each of the Safety and Shared Services departments has documented its risks (operational, strategic, and enterprise) and compliance obligations (to federal, state, and local laws and regulations) and has effective processes and controls in place to ensure risk mitigation and overall compliance.

The CRM department is also charged with facilitating organization-wide compliance and risk management initiatives and with providing oversight. The CRM team is responsible for supporting the Safety and Shared Services functions in driving a culture of compliance and risk management, and enabling the business to effectively and efficiently manage risk and compliance. We assess process controls, facilitate the risk assessment and mitigation process, and govern and test the implementation of controls and mitigations.

Safety and Shared Services provides mission-critical services through four primary functional areas: Supply Chain, Transportation Services, Safety, Health and Environmental, and Corporate Real Estate Strategy & Services. PG&E's Supply Chain organization manages more than $4 billion in goods and services spend annually, 33 percent of which is through diverse suppliers, and employs 900 people. Transportation Services oversees a fleet of more than 12,000 vehicles and equipment, including the largest green fleet in the nation among utilities. Corporate Real Estate Strategy & Services is responsible for a portfolio comprising 7 million square feet of office and supply space. The Safety, Health and Environmental organization is dedicated to public, employee and contractor safety. It supports compliance and proactive remediation of legacy property, secures project permits, and, as one of the largest land owners in the state of California, manages our land.

Position Summary

Manage and help to provide assurance over LOB's Risk and Compliance programs, procedures and systems. Act in a consultative capacity as a business partner and Risk and Compliance expert to assigned Director and VP-level business units, and, as necessary, entire line of business (i.e. Safety and Shared Services). Responsible for understanding the business environment and associated risks and compliance requirements of the business unit, and at a general level, for the entire LOB, identifying and assessing organizational compliance requirements and operational risks, helping requirement owners develop controls and metrics and evaluate for effectiveness, evaluating control deficiencies, supporting the design of mitigating activities, and helping to facilitate and publish policies and standards, in line with compliance objectives and/or established risk management protocols. Provide an infrastructure that enables business units, departments and employees 1) to conduct business in compliance with applicable laws, regulations and policies; and 2) identify, manage and mitigate operational risks that can affect the business. Act as an advocate for, help train and engage employees and leaders throughout line of business in risk and compliance to ensure understanding of compliance requirements, risk management principles and other needed items to support organization-wide awareness and facilitate LOB behaviors related to risk and compliance.

Major areas of responsibility typically include the following:

Compliance Management: Lead, implement, facilitate and provide assurance over S&SS compliance program to meet compliance requirements. Understands and documents State, Federal and local compliance obligations and associated controls and business processes. Complete or coordinate compliance validation activities and control effectiveness testing activities. Assess and resolve complex control deficiency issues and ensure that remediation actions are effective. Assess and analyze complete regulatory requirement issues to determine impact and remediation efforts. Assess compliance risk and design control risk mitigation plans and support business implementation. Track and report key compliance metrics.

SOX / FERC Compliance: Facilitate the SOX and/or FERC compliance programs to help meet Corporate Accounting requirements. Ensure that all testing activities are completed on time and are well documented and that all remediation actions are coordinated and effective. Assess and help drive and resolve complex control deficiency issues. Regularly assess controls environment to ensure risk is appropriately managed and controls are adequate and consistently performed; this includes updating process maps and narratives and helping to ensure that all supporting documentation is correct and complete. Facilitate quarter and year-end activities.

Risk Management: Lead and implement LOB-wide risk management program activities in support of the PG&E Enterprise-Wide risk management program. Work closely with risk owners to identify, assess and analyze operational and enterprise risks, facilitate the creation of risk response plans (and where necessary facilitate alternatives analyses) and help develop comprehensive risk mitigation plans, track completion of mitigations, and track risk status through performance, warning and effectiveness metrics. Manage risk mitigation for some LOB-owned risks. Provide risk-focused coaching and feedback to risk owners to ensure plans are effective and reflect appropriate risk management approaches and principles. Track and report key risk metrics. Interface with EORM&I as necessary.

Audit Support: Facilitate LOB-wide internal audit program in partnership with Internal Audit Department and LOB individual business units. Serve as liaison between business lines and IA to resolve communication, technical, or risk/control issues. Provide design expertise and consultation to business lines. Facilitate ongoing monitoring, support, and reporting of remedial action plans. Complete risk evaluation of issues to determine remedial action priority and resource allocation. Track and report key audit issues and metrics.



• Bachelor's degree in any of: Management, Risk, Insurance, Business, Accounting, Finance, or related discipline; or equivalent experience
• Requires a minimum of two years of experience in risk or compliance management, utility operations or related field

Desired Qualifications

• Ability to learn new concepts quickly
• Solid technical knowledge of compliance and risk
• Good research and issue resolution skills
• Ability to assess and recommend solutions for assigned projects
• Ability to prioritize, plan, perform and communicate activities both in written and verbal form
• Understands the company and regulatory organizational structure and how to interact with and utilize available contacts and resources


• Demonstrates full understanding of regulatory policy and compliance concepts.
• Thoroughly assesses new external regulatory requirements and develops action plans to integrate into work processes and implement controls.
• Collaborates with team to provide best practice consultation for assessing internal controls for various business processes.
• Collaborates with team to develop controls to mitigate risk and exposure compliance requirements.
• Thoroughly assesses routine compliance impacts and develops action plans to address gaps.
• Completes or reviews all assessments tested by the business.
• Assists in all forms of research for information on past, current and pending future regulatory requirements.
• Assists in evaluating control deficiencies in accordance with the company's framework for evaluating control exceptions and deficiencies to conclude on potential impact to the company.
• Assists with the preparation of reports/presentations on the status of all risk and compliance activities.