Policy and Cybersecurity Compliance Analyst

The Texas Water Company is actively seeking talented, driven and highly-productive applicants for the position of Policy and Cybersecurity Compliance Analyst to join our dynamic team. We offer a challenging and rewarding work environment along with a competitive salary and an excellent benefits package.

Position Overview

H2O America is seeking a highly analytical and proactive Policy and Cybersecurity Compliance Analyst to lead the development, maintenance, and enforcement of cybersecurity and compliance policies across the organization. This role plays a critical part in ensuring our operations align with regulatory requirements, industry standards, and internal risk management strategies. The ideal candidate will be a strong communicator, policy strategist, and compliance advocate who thrives in a dynamic, cross-functional environment.

Key Responsibilities

Policy Governance & Development

Draft, revise, and maintain cybersecurity and compliance policies, standards, and procedures.

Conduct regular gap analyses to identify policy deficiencies and recommend remediation strategies.

Ensure documentation reflects current legal, regulatory, and operational requirements (e.g., NIST, ISO 27001, CCPA, HIPAA).

Compliance Monitoring & Risk Assessment

Monitor adherence to internal policies and external regulations across departments.

Perform periodic audits and assessments to evaluate policy effectiveness and identify areas of non-compliance.

Collaborate with internal audit and legal teams to prepare for external audits and regulatory reviews.

Strategic Alignment & Stakeholder Engagement

Partner with business units, IT, HR, and legal to ensure policies support organizational goals and risk appetite.

Provide policy guidance during new technology implementations, vendor onboarding, and process changes.

Influence leadership on policy decisions through data-driven insights and risk analysis.

Training & Awareness

Design and deliver training programs to educate employees on cybersecurity policies and compliance obligations.

Develop communication plans to ensure timely dissemination of policy updates and changes.

Serve as a subject matter expert and point of contact for policy-related inquiries.

Documentation & Reporting

Maintain a centralized repository of all cybersecurity and compliance documentation.

Generate reports and dashboards to track policy compliance metrics and audit outcomes.

Ensure version control and archival of historical policy documents.

EEO Statement

Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.