Compliance Analyst (Associate, Sr., Lead)','20181509','!*!About the Position:
Grid’s Critical National Infrastructure (CNI) department provides IT support
services for the SCADA applications that drive the company’s operations. The
Compliance Analyst role will operate as part of the CNI Energy Management
Systems (EMS) support team with primary focus on NERC-CIP compliance and
cyber security of the application infrastructure located at the Northborough,
MA and Lincoln, RI facilities.
position will require the successful candidate to perform a broad range of
infrastructure, compliance, and cyber security support tasks covering desktops,
servers, and appliances. Candidate will regularly collaborate with counterparts
in other CNI teams to ensure standards and best practices are followed.
Responsibilities (including but not limited to):
Ensure that configuration, change management, and patch
management processes are documented accurately and actions taken are
compliant with National Grid policies.
Utilize automated software tools, including the BigFix,
Cisco SourceFire, McAfee, and Tripwire products to manage device
baselines, changes, security patches, and cyber threats.
Monitor and maintain changes to device baselines,
investigate and document change reasons. Create security incidents for
Ensure devices are logging and reporting using the
Tripwire software suite.
Coordinate with the EMS support staff and application
vendors, including EMS vendors, to evaluate software and security patches
based on operational constraints.
Conduct periodic vulnerability assessments using the
Tripwire IP360 tool. Ensure vulnerabilities are documented, develop
remediation plans and track activities to completion.
Serve as the subject matter expert for compliance
assessments and audits.
Work cooperatively with other NERC CIP Compliance
analysts, cross-train in additional compliance activities and serve as a
backup as necessary.
Participate in department and/or cross-functional teams
to complete special projects or assignments as requested
maintain the overall health of the electrical SCADA system including
workstations, servers, communications’ equipment and application software.
team meetings and conference calls to ensure awareness of ongoing
activities and priorities.
Respond to major
incidents as part of a team.
an on call rotation, providing after-hours and storm support when
Bachelor's degree in Computer Science, Cyber Security,
or other related discipline and at least three (3) years of experience
working in implementing regulatory/industry security standards and
Must possess strong writing, verbal communication and
documentation skills and the ability to achieve and communicate with a
sense of urgency
Ability to work with a variety of personnel and be
conversant with both technical and business-oriented personnel
Ability to articulate how people, process and
technology, collectively, are essential in establishing and executing a
NERC CIP compliance strategy
Competency with network security and information
security concepts and technologies
Ability to meet pressured deadlines, time constraints
and periodic requirements
Demonstrated ability to develop long-range program
plans, set goals and objectives, and decisions on program priorities and
analyze program effectiveness
Experience with Windows and Linux operating systems.
Familiarity with the
following is desirable:
Configuration & Change Management
Intrusion Detection and Prevention
Risk Assessment methodologies
Information Protection (including information
Disaster Recovery Planning
Industry Standards for Process Control Security
Secure Network Architecture
NERC CIP 002-011 Standards
Microsoft Excel and Access
This position is one of National Grid’s career path roles which provide for promotional opportunities within and across salary bands as you develop and evolve in the position by gaining experience, expertise and acquiring and applying technical skills.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.','IS Service Delivery','MA-Northborough','','IS Service Delivery','Full-time','Jun 12, 2018','Ongoing','Compliance Analyst (Associate, Sr., Lead)