Director of IT Risk and Controls

About us

National Grid is seeking a Director of Risk and Controls for the STREAMS Program in Albany/Northboro/Waltham/Hybrid Working.

Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating, and our expertise and track record put us in an unparalleled position to shape the sustainable future of our industry. 

 To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business. 

About the Role

The Director of Risk and Controls for the STREAMS (Strategic Reimaging of Enterprise Asset Management Systems) Program will play a pivotal leadership role in one of the organizations most transformative initiatives. STREAMS is a multi-year, enterprise-wide program designed to modernize work and asset management across electric transmission and distribution. This role will be responsible for establishing and maintaining a robust risk and controls environment that supports the programs strategic objectives.

• Define and own the overall risk and controls strategy for the STREAMS program.
• Act as the primary point of accountability for internal controls, risk management, and compliance within the program
• The primary purpose of this role is to proactively identify, assess, and mitigate risks associated with this highly complex business and technology transformation.
• Oversee risk and control activities that ensure the successful and secure implementation of new processes, systems, and data flows introduced by the STREAMS Program.
• Integrate governance, risk, and control principles into every phase of the program from planning and design to execution and sustainment.
• Partner directly with process and system owners to design, document, and embed effective internal controls. You will be responsible for identifying and advocating opportunities to automate control processes, leveraging the new system capabilities, and challenging the status quo.
• Provide leadership with timely, data-driven insights into risk posture and control effectiveness, enabling informed decision-making and proactive mitigation.
• Ensure that risks and controls are effectively embedded in the design, implementation, and operation of work management systems that support planning, scheduling, execution, and tracking of field and asset-related activities.

What You'll Do

•    Design, implement, and manage the end-to-end risk management and internal controls framework specifically tailored to the STREAMS Program.
•    Serve as a trusted advisor to senior leadership on risk posture and mitigation strategies.
•    Identify, assess, and prioritize risks across all program domains including operational, technology, data, and organizational risk.
•    Collaborate with control owners and others to build knowledge and understanding of risks and controls
•    Collaborate with program leadership, IT, business teams to embed risk awareness and control ownership.
•    Foster a culture of proactive risk management, continuous improvement, and operational resilience.
•    Provide regular updates to program governance boards and executive leadership on risk trends and control status.
•    Serve as a liaison for internal audit, external audit, and regulatory reviews related to the program.
•    Provide training and guidance to program teams on risk and control requirements.

What You'll Need

•    Minimum 10 years of experience in risk management, internal controls, compliance, or audit, preferably within large-scale technology or transformation programs.
•    Bachelor’s degree in Business, Finance, Information Systems, or related field with an advanced degree or professional certification (e.g., CPA, CIA, CISA) preferred.
•    Experience in regulated utility environments and large-scale transformation programmes.
•    Strong knowledge of control frameworks such as COSO, COBIT, SOX, and experience applying them in complex environments.
•    Demonstrated ability to lead cross-functional teams and influence senior stakeholders.
•    Strong technical risk management, governance and/or audit skills, understand risk assessment techniques, and 1st, 2nd, and 3rd lines of defense frameworks.
•    Familiarity with SAP S/4HANA and GRC tools; experience with automation technologies (e.g., RPA, CCM). Experience in leveraging technology (e.g. RPA, CCMs (continuous controls monitoring) to improve overall control environment will be highly desirable
•    Experience with Enterprise Asset Management (EAM), Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), or other enterprise application implementations is highly desirable.

•    Proven ability to lead change programmes and influence stakeholders.
•    Strong interpersonal, facilitation, and communication skills.
•    Ability to lead cross-functional teams and influence at senior levels and operate at both strategic and tactical levels.
•    Commitment to continuous improvement and innovation.

More Information

#LI-NK1 #LI-SOX #LI-GRC