Job Summary: Develop, maintain, and execute the company's Cyber Assessments program, also known as Third Party Risk Management, and Technology support. Cyber Assessments include corporate and technology Control Assessments using Fortress and coordinating independent assessments such as penetration tests, NIST CSF, and mock regulatory reviews. Technology supports focuses on our enterprise Archer implementation and Fortress solution.
The Cyber Assessments Analyst will work collaboratively with numerous teams including NERC CIP Compliance, Pipeline Compliance, Innovation, Supply Chain and the business. This role is responsible for executing the Cyber Assessment program and driving the effective use of Fortress and Archer, including upgrades, dashboards and metrics. Works closely with the Director of Cyber Compliance, the Manager Cyber Assessments, the Manager(s) Cyber Compliance, and others as needed to ensure that all assessment results are addressed and leverages Fortress and RSA Archer and their adoption.
Qualifications: - Bachelor's Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts
- 4-6 years 4+ years of IT experience in varying support functions
- In-depth experience with ITIL processes and metrics
- Knowledge of IT infrastructure components, trends, and best practices.
- Solid skills with computers, operating systems, and software (MS Office 365 suite of products) and ability to learn new technical concepts quickly.
- Analytical abilities, including process analysis and development, problem solving and root cause analysis.
- Teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills.
- Willing to travel to business unit or Service Provider locations, as needed.
- Involvement in multiple process improvement initiatives
- Good written and verbal communication
- Demonstrated participation in successful delivery of technical projects
- Can work independently in multiple functional domains with minor assistance
- Solid understanding of NIST 800-53 v5 Control sets.
- Working knowledge of the gas and electric utility industry; additional experience a plus
- Information Technology Infrastructure Library (ITIL) V4 certification Upon Hire
- Preferred Additional Qualifications for Position
- Demonstrated experience in Microsoft Excel and Word
- Demonstrated experience in SharePoint
- Demonstrated experience in ServiceNow
- Experience using RSA Archer GRC tool