Sr. Security Analyst I (II)

PJM Interconnection
Audubon, United States of America
10 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Audubon, United States of America

Tech stack

Microsoft Word
Microsoft Excel
Computer Security
Information Systems
Microsoft Office
Microsoft PowerPoint
Information Technology

Job description

  • Applies understanding of IT security in conjunction with NERC standards to develop effective strategies and work plans for PJM's NERC CIP program.
  • Leads departmental and cross-functional projects to successful completion using project management approaches.
  • Assists control owners in designing and implementing effective controls to ensure compliance with NERC CIP standards.
  • Monitors and influences the development of new standards / new versions of standards and evaluates the impacts of the new /changed standards to PJM. Assists requirements owners with the transition process.
  • Leads and coordinates PJMs comments / balloting on all NERC CIP Standards related postings from FERC, NERC, RF and SERC.
  • Verifies that the design of security controls for compliance with NERC CIP standards is effectively maintained.
  • Lead or participate in the creation, modification, and implementation of control activities to ensure compliance with the NERC CIP standards.
  • Reviews evidence of compliance and tests to ensure that the objectives of controls are being satisfied; identifies areas for improvement; and is an integral part of ensuring improvements are implemented.
  • Works collaboratively with internal stakeholders by facilitating the assessment of new applications and new cyber assets to determine their criticality.
  • Supports the automation of security control activities.
  • Develops and implements detailed compliance reports for NERC CIP standards and control activities.
  • Participates in policy, standard, and procedure reviews and updates.
  • Leads training of internal personnel and presents compliance topics to members and industry stakeholders.
  • Assesses new technologies and their associated security and compliance risks in order to put plans into place for mitigating these risks.
  • Works to champion an understanding of the NERC CIP requirements as relative to PJM.
  • Identifies, documents, and reports security risks as relative to NERC CIP standards.
  • Conducts internal compliance reviews and coordinates self-reporting of potential violations. Assists control owners in the development and execution of mitigation plans. Ensures timely completion of all mitigation plan activities and facilitates evidence collection.
  • Develops an understanding and assists in defining the obligations of PJM's affected Business Units to reasonably demonstrate compliance with the NERC CIP Standards.
  • May assist other team members as assigned
  • Other related duties as assigned

Requirements

  • At least 5 years of experience in the field of Information Security, Information Systems Auditing, Information Technology
  • At least 5 years of experience auditing/compliance, security, and/or information technology
  • Ability to produce high-quality work products with attention to detail
  • Ability to communicate effectively in a team environment
  • Experience in quantitative and qualitative analysis
  • Experience using verbal and written communications skills
  • Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint)
  • Ability to produce high-quality work products with attention to detail
  • Ability to visualize and solve complex problems
  • Experience with FERC, NERC CIP and RFC compliance
  • Experience in information security, access control systems, encryption, and related applications
  • Experience with conducting an annual security assessment to identify risk and vulnerabilities and develop recommendations for senior management based on results

Apply for this position