Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.
National Grids Critical National Infrastructure (CNI) department provides IT support services for the SCADA applications that drive the companys operations. The Compliance Analyst role will operate as part of the CNI Energy Management Systems (EMS) support team with primary focus on NERC-CIP compliance and cyber security of the application infrastructure located at the Northborough, MA and Lincoln RI facilities.
The position will require the successful candidate to perform a broad range of infrastructure, compliance, and cyber security support tasks covering desktops, servers, and appliances. The candidate will regularly collaborate with counterparts in other CNI teams to ensure standards and best practices are followed.
- Ensure that configuration, change management, and patch management processes are documented accurately and actions taken are compliant with National Grid policies.
- Utilize automated software tools, including the BigFix, Cisco SourceFire, McAfee, and Tripwire products to manage device baselines, changes, security patches, and cyber threats.
- Monitor and maintain changes to device baselines, investigate and document change reasons. Create security incidents for unauthorized changes.
- Ensure devices are logging and reporting using the Tripwire software suite.
- Coordinate with the EMS support staff and application vendors, including EMS vendors, to evaluate software and security patches based on operational constraints.
- Conduct periodic vulnerability assessments using the Tripwire IP360 tool. Ensure vulnerabilities are documented, develop remediation plans and track activities to completion.
- Serve as the subject matter expert for compliance assessments and audits.
- Work cooperatively with other NERC CIP Compliance analysts, cross-train in additional compliance activities and serve as a backup as necessary.
- Participate in department and/or cross-functional teams to complete special projects or assignments as requested
- Monitor and maintain the overall health of the electrical SCADA system including workstations, servers, communications equipment and application software.
- Participate in team meetings and conference calls to ensure awareness of ongoing activities and priorities.
- Respond to major incidents as part of a team.
- Participate in an on call rotation, providing after-hours and storm support when required.
- Bachelor's degree in Computer Science, Cyber Security, or other related discipline.
- Must possess strong writing, verbal communication and documentation skills and the ability to achieve and communicate with a sense of urgency
- Ability to work with a variety of personnel and be conversant with both technical and business-oriented personnel
- Ability to articulate how people, process and technology, collectively, are essential in establishing and executing a NERC CIP compliance strategy
- Competency with network security and information security concepts and technologies
- Ability to meet pressured deadlines, time constraints and periodic requirements
- Demonstrated ability to develop long-range program plans, set goals and objectives, and decisions on program priorities and analyze program effectiveness
- Knowledgeable of Windows and Linux operating systems.
- Familiarity with the following is desirable:
- Patch Management
- Configuration & Change Management
- Intrusion Detection and Prevention
- Risk Assessment methodologies
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.
Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task