Sr. Analyst Cyber Security Compliance

Overview

On Site
Hybrid
Depends on Experience
Full Time

Skills

Root cause analysis
NIST 800-53
C++
Cyber security
Regulatory reporting
Critical thinking
Problem solving
ISO/IEC 27001:2005
Reading comprehension
Application development
Cloud security
Digital design
Information Technology
Effective communication
Regulatory Compliance
Policies
Documentation
Auditing
Leadership
Management
Research
Automation
NERC
Payment card industry
NACHA
Sarbanes-Oxley
Communication
Software development
VBA
Windows PowerShell
Python
Ruby
Facilitation
ICS
Agile
CISM
CISA
CISSP
Metrics
Energy
Teamwork
Military

Job Details

If you have what it takes to become part of the Vistra family and would like to start a promising career with a global leader, take a look at the exciting employment opportunities that are currently available and apply online.

Job Summary
The Sr. Analyst for cyber compliance will administer controls to maintain adherence with regulatory rule sets and internal policy, investigate variances and escalate when needed. They will be responsible for making sure the required evidence documentation is accurate to ensure effective compliance. They will be responsible for maintaining the confidentiality, integrity and availability of information assets and ensuring that compliance drives operational best practices, delivering on agreed upon service expectations and procedures. The Sr. Analyst is expected to participate in and provide support to audit processes and lead remediation steps for findings.

Job Description

Key Accountabilities

  • Investigate and address variances by performing root cause analysis and developing corrective actions to mitigate the potential of recurrence and advise management of the same.
  • Produce required logs, evidentiary records & other items as needed.
  • Support efforts to prepare, coordinate and submit materials responsive to regulatory reporting requirements, internal and external audits and other Requests For Information.
  • Exercise critical thinking and problem solving to research and document processes supporting applicable regulations, identify efficiency and automation opportunities and work with process owners to implement agreed-upon solutions.
  • Monitor stakeholder control performance and provide guidance as needed to ensure adequate evidence of compliance
  • Efficiently and accurately perform periodic monitoring controls required to maintain and evidence compliance with internal and external regulatory obligations.
  • Support technology key controls, tools and compliance with regulatory requirements(i.e. ERCOT, NERC-CIP, PCI, NACHA, SOX, NEI)

Education, Experience, & Skill Requirements

  • Experienced gained through college degree programs and/or certification in business, technology, or related field
  • 6-8 years experience with an understanding in one or more of the following: NERC CIP, ERCOT Protocols, ISO 27001, NIST 800-53, SOX, PCI, NACHA , NRC.
  • Exceptional reading comprehension and written communication skills
  • Experience with application development or a coding technology language such as (VBA, PowerShell, Python, Ruby, C++, etc.)
  • Preferred:
  • Experience facilitating agreement across a wide range of disparate stakeholders
  • Experience with ICS devices, Generation or Transmission assets
  • Working knowledge of agile framework and methodology
  • Experience with Cloud security or Compliance best practices
  • Professional certification a plus (e.g., CISM, CISA, CISSP, Digital Design)

Key Metrics
  • Compliance Metrics
  • % of compliance controls completed on time
  • % of control performance effectiveness
  • % of control performance automation

Job Family
Information Technology

Company
Energy Harbor Nuclear Op

Locations
Perry

Ohio

We are a company of people committed to: Exceeding Customer Expectations, Great People, Teamwork, Competitive Spirit and Effective Communication. If this describes you, then apply today!

If you currently work for Vistra or its subsidiaries, please apply via the internal career site.

It is the policy of the Company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, genetic information, military service, protected veteran status, or any other consideration protected by federal, state or local laws.

If you are an individual with a disability and need assistance submitting an application or would like to request an accommodation, please email us at to make a request.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Vistra Corp