Compliance Analyst (Associate, Sr., Lead)

Description
About the Position:

NationalGrid?s Critical National Infrastructure (CNI) department provides IT supportservices for the SCADA applications that drive the company?s operations. TheCompliance Analyst role will operate as part of the CNI Energy ManagementSystems (EMS) support team with primary focus on NERC-CIP compliance andcyber security of the application infrastructure located at the Northborough,MA and Lincoln, RI facilities.
Theposition will require the successful candidate to perform a broad range ofinfrastructure, compliance, and cyber security support tasks covering desktops,servers, and appliances. Candidate will regularly collaborate with counterpartsin other CNI teams to ensure standards and best practices are followed.
PositionResponsibilities (including but not limited to):
Ensure that configuration, change management, and patch management processes are documented accurately and actions taken are compliant with National Grid policies.
Utilize automated software tools, including the BigFix, Cisco SourceFire, McAfee, and Tripwire products to manage device baselines, changes, security patches, and cyber threats.
Monitor and maintain changes to device baselines, investigate and document change reasons. Create security incidents for unauthorized changes.
Ensure devices are logging and reporting using the Tripwire software suite.
Coordinate with the EMS support staff and application vendors, including EMS vendors, to evaluate software and security patches based on operational constraints.
Conduct periodic vulnerability assessments using the Tripwire IP360 tool. Ensure vulnerabilities are documented, develop remediation plans and track activities to completion.
Serve as the subject matter expert for compliance assessments and audits.
Work cooperatively with other NERC CIP Compliance analysts, cross-train in additional compliance activities and serve as a backup as necessary.
Participate in department and/or cross-functional teams to complete special projects or assignments as requested
Monitor and maintain the overall health of the electrical SCADA system including workstations, servers, communications? equipment and application software.
Participate in team meetings and conference calls to ensure awareness of ongoing activities and priorities.
Respond to major incidents as part of a team.
Participate in an on call rotation, providing after-hours and storm support when required.

Qualifications
Knowledge &Experience Required:
Bachelor's degree in Computer Science, Cyber Security, or other related discipline and at least three (3) years of experience working in implementing regulatory/industry security standards and compliance.
Must possess strong writing, verbal communication and documentation skills and the ability to achieve and communicate with a sense of urgency
Ability to work with a variety of personnel and be conversant with both technical and business-oriented personnel
Ability to articulate how people, process and technology, collectively, are essential in establishing and executing a NERC CIP compliance strategy
Competency with network security and information security concepts and technologies
Ability to meet pressured deadlines, time constraints and periodic requirements
Demonstrated ability to develop long-range program plans, set goals and objectives, and decisions on program priorities and analyze program effectiveness
Experience with Windows and Linux operating systems.
Familiarity with thefollowing is desirable:
Patch Management
Configuration & Change Management
Intrusion Detection and Prevention
Risk Assessment methodologies
Information Protection (including information classification)
Disaster Recovery Planning
Industry Standards for Process Control Security
Access Management
Secure Network Architecture
NERC CIP 002-011 Standards
Microsoft Excel and Access
This position is one of National Grid?s career path roles which provide for promotional opportunities within and across salary bands as you develop and evolve in the position by gaining experience, expertise and acquiring and applying technical skills.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise.We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve.National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.
Job
:IS Service Delivery
Primary Location
:MA-Northborough
Organisation
:IS Service Delivery
Schedule
:Full-time
Job Posting
:Jun 12, 2018, 6:16:17 PM
Unposting Date
:Ongoing