[Hiring] Staff Risk & Compliance Analyst @GE Vernova

Role Description

As a Staff Risk & Compliance Analyst in the Power IT GRC function, you will support day-to-day IT GRC activities that contribute to the Power segment's SOX assurance, assist in advancing the multi-year control rationalization and automation roadmap with clear KPIs/KRIs, and develop your expertise in governance, risk, and compliance.

• Support governance framework: Assist in maintaining the IT governance structure using established frameworks; help update documentation, track process adherence, and support standardization efforts under senior guidance.
• SOX Compliance Management: Support the Power DT Sarbanes-Oxley compliance program by coordinating testing activities, managing documentation requirements, and ensuring timely completion of control assessments. Collaborate with process owners to maintain accurate control narratives, risk-control matrices, and test evidence in accordance with SOX requirements. Track testing cycles, identify control gaps or weaknesses, and facilitate management's remediation efforts. Prepare SOX status reports for leadership and external auditors, maintain the SOX controls repository, and stay current on regulatory changes and industry best practices to ensure continuous compliance with financial reporting requirements.
• End-to-End Deficiency Management: Lead comprehensive deficiency identification, tracking, and resolution processes across all GRC domains. Collaborate with control owners and business stakeholders to document findings, assign remediation actions with clear deadlines, and monitor progress through to closure. Maintain deficiency registers, provide regular status reporting to leadership, perform root cause analysis, and ensure timely escalation of overdue or high-risk items. Drive continuous improvement by analyzing deficiency trends and recommending preventive measures to strengthen the organization's control environment.
• Support key control domains: Assist in ERP control areas (Identity and Access Management/Privileged Access, SDLC/DevOps change, and IT operations) by performing routine control testing, maintaining evidence files, and supporting standardization initiatives.
• Support policy development: Assist in drafting and updating IT policies and procedures for security, data management, and access control; help coordinate review processes, track acknowledgments, and maintain policy repositories to support continuous compliance.
• Support risk management: Assist in risk assessment activities by gathering data, documenting findings, and maintaining risk registers; help identify and document risks associated with IT systems, including cybersecurity threats and data breaches, under senior supervision.
• Support compliance audits: Serve as a key support resource for internal and external audits; assist in managing request lists, gathering evidence, organizing documentation, responding to routine inquiries, and tracking remediation progress for identified control deficiencies.
• Monitor regulatory adherence: Help monitor changes in regulations and laws, such as SOX, NIS2, and GDPR; assist in maintaining control and policy mappings and support updates to ensure ongoing compliance.
• Support training and awareness: Assist in developing training materials and coordinating training sessions for employees and stakeholders; help track participation and gather feedback to support understanding of compliance obligations and best practices.
• Support reporting: Assist in building and maintaining reports and dashboards for senior management on IT risk posture, compliance status, and control effectiveness; help gather data, validate information, and prepare routine status updates.

Qualifications

• Experience in governance, risk, and compliance.
• Knowledge of SOX compliance and regulatory frameworks.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.

Requirements

• Ability to work independently and manage multiple tasks.
• Proficiency in Microsoft Office Suite and GRC tools.
• Detail-oriented with strong organizational skills.

Benefits

• Flexible work environment.
• Opportunities for professional development.
• Comprehensive health and wellness programs.

Company Description

GE Gas Power, part of GE Vernova, is providing more advanced, cleaner, and efficient power that people depend on today and building the energy technologies of the future.