Compliance Analyst
Full Time
US
Posted 2 years ago
Overall, 5 years’ experience in Information Technology with knowledge of Windows, Linux, VMware operating systems.
Key skills
- 3-5 years of Compliance or Cyber security
- 1-3 years’ experience in NERC CIP Compliance
- 1-3 years’ experience in Utilities domain
- 1-3 years’ experience in scripting python, Perl, power shell, etc
- 1-3 years’ experience in security tools like Splunk, tenable, Industrial Defender, etc
Description
- Provide subject matter expertise for Security and Compliance requirements of SCADA systems during Project Design and Implementation phase and evaluation of POC results.
- Technical feasibility exception (TFE) preparation and submittal; compliance evidence gathering, quality verification, packaging, and storage. Cyber assets classification and validation.
- Assess risk of security vulnerabilities, patches for servers and workstations, and assess the applicability and risk of newly discovered vulnerabilities. Liaise with System Administrators to remediate risk. Ensure Electronic/physical security controls adherence, and system security administration.
- Perform in depth analysis of technical solutions and implement to resolve technical issues and ensure
security and compliance requirements are met. - Perform periodic (annual, quarterly, monthly, weekly, daily) compliance activities as required.
- Experience in asset configuration management and familiar with basic change management process.
- Experience in system security event monitoring and ability to review and identify abnormal events.
- Ability to work independently and in a team environment, including identifying project needs, prioritizing multiple projects, and following through all assignments.
- Provide timely updates on tasks and meet internal and client deadlines with high quality deliverable Excellent communication and interpersonal skills
Skills:
- Bachelor’s Degree in Computer Science, Information Systems, Engineering, or related technical major.
- Five (5) years of experience in Information Technology field performing complex analysis, consulting, and providing recommendations.
- Three (3) years of combined hands-on experience in one or more of the following areas:
Experience with NERC Critical Infrastructure Protection standards V6.
Experience with UNIX scripting/LINUX and Windows Operating Systems.
Experience with PowerShell, Python Scripting, and understanding of the OSI/TCP IP Model.
Three (3) years of experience with Process design (Workflow, Visio, documentation, templates).
Three (3) years of experience with Office Suite – (Microsoft Word, Excel, PowerPoint, and Project).
Experience working within a SCADA/ Industrial Control System environment.
Experience or working knowledge of Splunk or Tenable.
CISA, CISM or CISSP.
Note: Security is the key requirement, however they would expect the candidate to understand the NIST framework and their controls, few listed below
- Access Management
- Configuration Management
- Patch management
- Vulnerability scanning
- Logging and Monitorin
Job Features
Job Category | Compliance Analyst |
Contact | ranjitha.p@saasvaap.com |
Job Location | LA, CA |