NERC CIP/TSA Risk and Compliance Analyst

TITLE: NERC CIP/TSA Risk and Compliance Analyst

LOCATION: Remote in GA, AL, MS, TX, IL, DC, MA, VA, NC, SC, FL (some onsite needed for audit)

ANTICIPATED DURATION: 1 year- potential contract to hire

This position will perform risk management and compliance activities. The position will help ensure appropriate controls are in place and can demonstrate compliance with internal and external requirements including (NERC CIP), Transportation Security Administration Pipeline Security Directives (TSA SD), and internal policies and procedures. Occasional overnight travel may be required. This position is located in either Birmingham or in Atlanta.

NERC CIP/TSA Risk and Compliance Analyst Responsibilities:

• Serve as the backup technology risk and control activities for internal and external stakeholders related to NERC CIP and TSA Security Directives
• Facilitate the execution of the Technology Organization’s patch and vulnerability management review processes in support of compliance with NERC CIP and TSA Security Directives.
• Support the implementation of new CIP and TSA requirements impacting the Technology Organization
• Manage work practices to support compliance with both CIP and TSA Requirements
• Support the Technology Organization efforts during routine audits of the NERC CIP and TSA programs by both internal and external audit teams.
• Facilitate the execution of monthly, quarterly, annual, and other periodic control reviews to support compliance with regulatory requirements
• Interact with other departments to report and investigate instances of potential non-compliance, and develop and track associated mitigation plans to completion as necessary
• Review and provide comments for NERC and TSA revisions for assigned standards
• Work collaboratively with other Compliance Coordinators to meet all team goals, and assist with other compliance issues as workload dictates
• Build and sustain strong working relationships with individuals and workgroups across the Technology Organization
• Perform internal control monitoring and testing of Technology Organization’s compliance programs for assigned NERC CIP standards and TSA Directives
• Manage all projects and other assigned responsibilities effectively to meet deadlines

NERC CIP/TSA Risk and Compliance Analyst Requirements:

Education Requirements

• BS/BA Degree in Computer Science / Information Security or related field preferred
• CRISC, CISA or related industry certifications preferred

Experience Requirements

• Prior Technology Security, Server Support and/or internal controls experience preferred
• Technology controls and processes
• Industry regulations such as NERC CIP or TSA Security Directives
• Knowledge of power utility equipment and Cyber Assets associated with the Bulk Power System
• Understanding of corporate compliance governance processes and auditing practices specific to the energy regulation compliance risk area
• Information Security principles
• Control frameworks including COBIT-5, NIST or similar control framework
• Detail oriented while working in a fast-paced environment
• Strong oral and written communication skills with ability to communicate effectively at all levels
• An ability to effectively influence others with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication
• Strong analytical skills
• Positive attitude, team player & creative problem-solving skills
• Effective time management skill and good business judgment
• Able to multi-task and handle multiple projects simultaneously
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to understand deep technical concepts and translate those concepts to non-technical people.
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• Ability to establish a detailed plan and execute on that plan without undo participation from leadership
• Ability to understand, gather and assess information as done in internal audits, investigations, peer reviews, QA reviews, etc.
• Ability to identify and prioritize risks and assist in the design and execution of management programs and internal controls to effectively manage compliance risks

The hourly pay rate range for this position is $50.00 to $55.00 (dependent on factors including but not limited to client requirements, experience, statutory considerations, and location). Benefits available to full-time employees: medical, dental, vision, disability, life insurance, 401k and commuter benefits. *Note: Disclosure as required by the Equal Pay for Equal Work Act (CO), NYC Pay Transparency Law, and sb5761 (WA)

Synergis is proud to be an Equal Opportunity Employer. We value diversity and do not discriminate on the basis of race, color, ethnicity, national origin, religion, age, gender, gender identity, political affiliation, sexual orientation, marital status, disability, military/veteran status, or any other status protected by applicable law.

For immediate consideration, please forward your resume to dwicks@synergishr.com

If you require assistance or an accommodation in the application or employment process, please contact us at dwicks@synergishr.com.

Synergis is a workforce solutions partner serving thousands of businesses and job seekers nationwide. Our digital world has accelerated the need for businesses to build IT ecosystems that enable growth and innovation along with enhancing the Total Experience (TX). Synergis partners with our clients at the intersection of talent and transformation to scale their balanced teams of tech, digital and creative professionals. Learn more about Synergis at www.synergishr.com.