Principal Cybersecurity Compliance Analyst
GFT
oakland
Posted July 11, 2026
Description
<p></p><h3>Principal Cybersecurity Compliance Analyst </h3> <h3>What You Will Do </h3> <p>GFT is looking for a Principal Cybersecurity Compliance Analyst to join our Security and Safety team in Northern California. This hybrid role requires regular attendance at our client’s office. </p> <h3>Responsibilities </h3> <ul> <li>Lead and support the development, implementation, and continuous improvement of governance, risk, and compliance (GRC) programs aligned with FERC (<b>D2SI SPHP Section 9 </b>) and NERC CIP standards for PG&E’s power generation assets. </li> <li>Develop, maintain, and operationalize policies, procedures, standards, and guidelines to meet regulatory requirements and industry best practices. </li> <li>Conduct compliance gap assessments, risk analyses, and control testing for cybersecurity and OT systems. </li> <li>Prepare and maintain audit‑ready documentation, including compliance narratives, evidence repositories, and records retention practices. </li> <li>Coordinate and support internal and external audits, including NERC Regional Entity audits, spot checks, and self-certifications. </li> <li>Collaborate with cybersecurity, IT, OT, engineering, legal, and enterprise risk teams to align compliance requirements with business operations. </li> <li>Serve as a liaison between technical teams and compliance leadership to translate regulatory requirements into actionable controls. </li> <li>Track compliance metrics, risks, and issues; prepare reports and dashboards for leadership. </li> <li>Monitor regulatory developments, FERC and NERC standards changes, and enforcement trends. </li> <li>Support compliance training and awareness efforts for internal stakeholders. </li> <li>Assist in the integration of compliance controls into operational and cybersecurity processes. </li> <li>Participate in mock audits, tabletop exercises, and incident response planning. </li> </ul> <h3>Required Qualifications </h3> <ul> <li>Bachelor’s degree in cybersecurity, information systems, engineering, business, or a related field. </li> <li>Minimum of 10 years of relevant experience in the power utility industry, with a focus on governance, risk, and compliance (GRC), cybersecurity, or operational technology. </li> <li>Deep working knowledge of NERC CIP standards and the FERC regulatory environment. </li> <li>Direct experience supporting NERC CIP audits (self-certifications, spot checks, or enforcement actions). </li> <li>Experience with compliance documentation, evidence collection, and audit support. </li> <li>Familiarity with electric utility operations, OT environments, or IC/SCADA systems. </li> <li>Strong analytical, organizational, and technical writing skills. </li> <li>Excellent communication and interpersonal skills, with the ability to work independently and collaboratively. </li> <li>Certification from a recognized risk, governance, or cybersecurity organization (e.g., CISSP, CISM, RIMS-CRMP, or equivalent) required. </li> </ul> <h3>Preferred Qualifications </h3> <ul> <li>Experience in the energy sector, particularly power generation or utilities. </li> <li>PMP certification. </li> <li>Familiarity with SCADA/ICS systems and processes. </li> <li>Knowledge of related frameworks (e.g., NIST CSF, NIST SP 800-53, ISO 27001). </li> <li>Experience in project management, including scope, schedule, and budget tracking. </li> <li>Involvement in professional organizations or industry committees. </li> </ul> <h3>Compensation </h3> <p>The salary range for this role is $150,000 – $200,000. Salary is dependent upon experience and geographic location. </p> <h3>Benefits </h3> <ul> <li>Hybrid (in-person and remote) work environment. </li> <li>Comprehensive benefits package including wellness programs, parental leave, pet insurance, medical, dental, vision, disability, and life insurance. </li> <li>Tax‑deferred 401(k) savings plan. </li> <li>Competitive paid‑time‑off (PTO) accrual. </li> <li>Tuition reimbursement for continued education. </li> <li>Commitment to professional development, access to internal and external training programs, and support of active participation in professional organizations. </li> <li>Incentive compensation for eligible positions. </li> </ul> <h3>Location </h3> <p>Sacramento, CA; Roseville, CA; Oakland, CA </p> <h3>Equal Opportunity Employer </h3> <p>All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veterans’ status, or other characteristics protected by law. </p> <h3>Background Check </h3> <p>All advertised positions will require the successful completion of a criminal background check. </p> <p></p> #J-18808-Ljbffr
Job Overview
Location
oakland
Job Type
full time
Date Posted
July 11, 2026