NERC - CIP Compliance Analyst Job

NERC-CIP COMPLIANCE ANALYST needed for a LONG-TERM CONTRACT opportunity with Yoh's client located in Charlotte, NC.

MUST BE CURRENTLY ELIGIBLE TO WORK IN THE US FOR ANY EMPLOYER.

PLEASE NOTE THAT THIS POSITION DOES NOT ALLOW FOR WORKING REMOTELY, AS SUCH THE INCUMBENT MUST BE ABLE TO WORK ONSITE IN CLIENT'S CHARLOTTE, NC LOCATION.

THE BIG PICTURE - TOP SKILLS YOU SHOULD POSSESS:

- Two to five (2-5) years of experience with NERC-CIP Compliance Analysis
- Compliance auditing experience

WHAT YOU'LL BE DOING:

- The primary purpose of this position is to carry out assignments to demonstrate compliance with NERC Critical Infrastructure Protection (CIP) reliability standards within the Information Technology department (IT).
- The Compliance Analyst will maintain a set of IT Security and Compliance tasks with oversight responsibilities to ensure full compliance with associated processes; ensures responsibility is assigned to each task; and completes/monitors for completion.
- Participates in compliance activities, including external audits, mitigation plans and performs selected tracking and monitoring tasks assigned to IT Security Compliance and ensures scheduled compliance activities and events are completed and documented.
- Assist in collecting and maintaining documented evidence.
- Maintain strong working relationship and collaborate with various IT support groups and business line groups' Subject Matter Experts to provide technical and compliance assistance in accomplishing the objectives of monitoring, evidencing and assists in collecting and maintaining appropriate documented evidence.
- Perform day-to-day security reviews and analysis and compare systems to established baselines, reviewing available ports and services, and analysing systems for security breaches
- Promptly reports compliance and control exceptions and deficiencies to IT management and others as applicable and appropriate.
- Assists in reviewing and identifying deficiencies as well as preparing mitigation plans for regulatory agencies during and recommending corrective action and suggesting improvements in operations; ensures timely completion of all tasks identified in mitigation plans.
- Manage change management process: review change management tickets for complete information; collect and attach evidence; ensure test plans meet NERC CIP requirements
- Maintain an accurate inventory of all systems

WHAT YOU NEED TO BRING TO THE TABLE:

- Education: Bachelors Degree or a combination of education plus equivalent work experience
- Two to five (2-5) years of experience with NERC CIP Compliance, IT audits, IT security, network, infrastructure and related industry regulatory issues experience in compliance focused position, or equivalent.
- Demonstrates a working knowledge of processes and procedures within IT and supported business units.
- Strong capability to build and maintain effective relationships with IT and business unit support groups and associated Subject Matter Experts.
- Familiarity with security vulnerabilities/mitigation strategies and IT security concepts highly desired.
- CISA (Certified Information Security Analyst), CISSP (Certified Information Systems Security Professional) or similar Certifications

WHAT ARE YOU WAITING FOR? APPLY NOW!

RECRUITER: Rob Snyder

EMAIL: (see below)

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer, M/F/D/V. Contact us if you are an individual with a disability and require accommodation in the application process.

J2W: INFOTECH

TAX TERM: CON_W2J2WBRCHAR

Ref:

Branch: IT & Telecom