IT/Software/Technology

Jr. Cybersecurity Government & Risk Analyst

Contract

Strategic Staffing Solutions

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING!

Strategic Staffing Solutions is currently looking for a Jr. Cybersecurity Government & Risk Analyst for a contract opening with one of our largest clients located in Charlotte, NC!

This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available ! The details are below.

Locations: Charlotte, NC (On-Site)

Duration:  12+ Months

To apply: Please email your resume in Word Format to Bob Cromer at: bcromer@strategicstaff.com and Reference Job Order #: 204563 or Click the Apply Button.

Job Description:

The NERC CIP Program Management – Cybersecurity Government & Risk Analyst is responsible for achieving team objectives for the enterprise North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Cybersecurity Compliance Program. This role works closely with multiple internal Business Areas to ensure effective, efficient and consistent adherence with the NERC CIP Standards and a strong compliance culture is achieved across the organization.

This role will involve work with developing and maintaining the Program Standards, Procedures, Processes and Tools and will also involve performing quality assurance (QA) and validation to ensure compliance is achieved.

Responsibilities:

  • Document various NERC CIP related compliance activities, changes to policy, processes, procedures, Audit related activities, Standards Interpretations based on input from and discussions with Business Area Compliance teams
  • Prepare reports on the results of internal reviews of compliance evidence, including categorization of findings and recommendations to be addressed
  • Support implementations of technologies to augment the company s NERC CIP Compliance Program to drive efficiency and sustainability in the pursuit of both compliance and operational goals
  • Perform training, change management, and communication support for CIP implementations and ongoing compliance activities
  • Promote awareness of NERC CIP requirements and standards development
  • Demonstrates working knowledge of Information Technology (IT)/Operational Technology (OT) and Cybersecurity policy, standards, processes, controls, and functional areas, in relation to the NIST framework and other industry accepted standards
  • Competent in the use of IT/OT and Cybersecurity tools, procedures, and research capabilities
  • Assist in cyber defense trend analysis and reporting
  • Assist in the assessment in the effectiveness of security controls
  • Provide enterprise coordination, project oversight, reporting, and issue resolution for implementation of future versions of the NERC CIP Standards
  • Carries out individual work assignments to meet established work schedules.
  • Receives work assignments and works with review and direction by senior analyst(s).
  • Basic knowledge of IT and Cybersecurity policy, standards, processes, resources, and controls.
  • Able to apply process and controls knowledge to meet compliance requirements.
  • Provides good customer support to deliver compliance results to internal and external parties
  • Communicates with customers to understand compliance requirements
  • Communicates problems and resolutions to manager and/or customers
  • Create workflow diagrams for business process flow to accurately represent processes for NERC CIP Compliance

Working Requirements:

  • Must pass a personnel risk assessment including seven (7) year background screening and annual cyber security training
  • Demonstrated focus on safety
  • Adhere to company policies and ensure necessary administrative procedures are followed

Basic/Required Qualifications:

Bachelors  degree in a related field

  • In addition to required degree, 2+ years utility, cyber security, auditing, compliance, regulatory, NERC CIP or related experience in security operations center, firewall, network, military information security and/or system administration relevant work experience in IT/OT and Cybersecurity.
  • In lieu of Bachelor s degree(s) and 2 year(s) related work experience listed above, High School/GED and 6 year(s) related work experience

Desired Qualifications:

  • Experience in Cybersecurity, preferably with risk identification and management, audit and compliance, policy development and maintenance, evaluation of control requirements, security, and related industry regulatory issues
  • Utility Industry Experience
  • Knowledge in validating the organization against policies/guidelines/procedures/regulations/laws to ensure compliance
  • Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.
  • Working knowledge of Cybersecurity frameworks such as NIST
  • Fundamental knowledge of laws, regulations, and policies as they relate to cybersecurity and privacy
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
  • Able to work independently and effectively with defined supervisory review and direction
  • Demonstrated excellent listening and communication skills; able to present complex information in an understandable manner both verbal and written to peer levels within the organization and multiple levels within the organization as well as regulatory entities and other utility representatives
  • Demonstrates good listening skills and puts forth the effort to understand others points of view. Has the ability to manage confidential information with a high degree of integrity.  Responds well to supervisors, is easy to challenge and develop, and is easily coachable.
  • Demonstrates ability to absorb change and continue with positive results
  • Skill in conducting audits or reviews of technical systems
  • Skill in performing impact/risk assessments
  • Skill in processing collected data for follow-on analysis
  • Demonstrates ability to recognize a possible security violation and take appropriate action to report the incident as required
  • Perform cyber defense trend analysis and reporting.
  • Research current technology to understand capabilities of required system or network
  • Knowledge of information technology (IT), operational technology (OT), supply chain security and supply chain risk management policies, requirements, and procedures.
  • Ability to work on multiple tasks simultaneously and shift priorities across multiple workstreams
  • Ability to achieve consensus on decisions and communicate with impacted individuals or groups
  • Ability to manage complex problems to resolution

The global mission of S3 is to build trusting relationships and deliver solutions that positively impact our customers, our consultants, and our communities. The four pillars of our company are to:

  • Set the bar high for what a company should do
  • Create jobs
  • Offer people an opportunity to succeed and change their station in life
  • Improve the communities where we live and work through volunteering and charitable giving

As an S3 employee, you’re eligible for a full benefits package that may include:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • 401(k) Plan
  • Vacation Package
  • Life & Disability Insurance Plans
  • Flexible Spending Accounts
  • Tuition Reimbursement

 

 

 

 

 

 

Job ID: JOB-204563
Publish Date: 25 Jul 2022

Tagged as: Jr. Cybersecurity Government & Risk Analyst