IT Security Analyst in Louisville, KY at Vaco

Date Posted: 5/10/2018

Job Description

Assists operational departments to develop and maintain written documentation of plans, programs, procedures, and other evidence necessary to comply with the requirements and measures of the NERC CIP Standards.

Participates in regulatory audits, spot-checks, and self-certifications, including mock audits. Assists in preparing for compliance audits conducted by NERC/SERC. Responsibilities include developing Reliability Standard Audit Worksheets (RSAWs) and compiling supporting evidentiary documentation.

Provides consulting assistance in addressing security issues and in implementing security policies, procedures, and measures, including serving as a SME for a defined set of NERC CIP standards.

Assists with the review, evaluation, and root cause identification of deficiencies, and participates in mitigation plans with corrective actions.

Provides technical guidance on compliance-related security controls, including vulnerability resolution activities, network segmentation, etc.

Documents complex processes and procedures into easily understood documentation, which meets reliability standards.

Develops strategies and approaches for business development proposals within a compliance and systems security context.

Participates in industry organizations and continues to enhance knowledge of Information Technology, SCADA, EMS, and DCS vulnerabilities and protective measures.

Bachelor's degree or alternate combination of education/experience that results in equivalent job knowledge is required. Two or more years of experience in IT with an emphasis in programming, design and user interface with at least two years of security experience.

Experience in PC, client/server, network, and Internet/web development.

Experience in any of the following areas: NERC CIP Compliance, Cyber Security, IT Systems Architecture, IT Systems Administration, IT Auditing.

Certifications preferred may include:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Global Information Assurance Certification (GIAC)
Vendor credentials offered by companies such as Microsoft and Cisco