Senior Cyber Compliance Analyst (NERC CIP)
CAYCE, SC, US, 29033
Dominion Energy
Dominion Energy operates in 16 states across the U.S., offering clean, safe, reliable, and affordable energy to more than 7 million customers.At Dominion Energy we love our jobs. That’s right. Love. Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate. These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever. We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent? Do you think differently? Do you want to fall in love with your job? If you answered “yes,” then read on!
Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined below will be considered for this opportunity.
At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.
This position does not offer relocation assistance.
Job Summary
In support of the NERC CIP program, this role maintains the cyber regulatory compliance program for business units' processes, applications, and systems. Using cyber security best practices and a deep knowledge of cyber regulatory requirements, this role: Provides guidance on how to achieve compliance, governs and monitors the entire program; can offer technical guidance or assess technical procedures for compliance; reduces or eliminates audit findings; implements changes and ensures adherence to all regulatory requirements.
Other specific responsibilities include:
- Can lead and participate in compliance-related projects that require advanced knowledge of regulatory requirements as well as knowledge of suitable security architecture, technology best practices and business area requirements, limitations, and unique system implementations.
- Monitors the implementation of compliance processes and procedures for systems and applications.
- Examines processes for failure points and implements controls to prevent those potential failures.
- Coordinates or completes compliance related data requests, investigates failures or breakdowns in processes and develops plans to fix or prevent future incidents.
- Proactively finds opportunities to strengthen compliance controls.
- Provides awareness of current and upcoming policies, regulations, and requirements, and collaborates with business and technical teams to develop an approach to achieve compliance.
Required Knowledge, Skills, Abilities & Experience
5 to 7 years of cyber or IT Compliance, IT Audit, Audit, Information Technology or Operational Technology (i.e. SCADA). Experience and understanding of Cyber regulatory standards and requirements. Note: A Master's degree will count as one year of experience. A partial year of six months or more will be rounded up to one year of experience.
Specific knowledge, skills, abilities and experience:
- Previous experience creating and updating cyber & human performance controls for compliance requirements.
- Experience working with internal and external auditing firms. Experience in writing procedures and policies.
- Experienced translating procedures into operational steps. Root cause analysis understanding and/or training.
- Human performance failure analysis training and/or understanding.
- Understands IT Technology and Business Technology as required to successfully design and implement a compliance program.
- Understands current security architecture best practices. Understands current cyber security best practices.
- Possesses the drive to independently learn and become an expert in the evolving regulatory landscape and how that maps to an evolving DE IT and business technology landscape.
- Certifications desirable but not required: CISSP, CISA, CCP
Education Requirements
Degree or an equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education: Bachelor
Preferred Discipline(s): Computer Science; Information Systems; Information Systems Security; Information Technology
Other disciplines may be substituted for the preferred discipline(s) listed above.
Licenses, Certifications, or Quals Description
Working Conditions
Office Work Environment 76 -100%Travel Up to 25%Other Working Conditions
Test Description
No Testing Required
Export Control
Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law. Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.
Other Information
We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more. To learn more about our benefits, click here dombenefits.com.
Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.
You can experience the excitement of our company – it's the difference between taking a job and starting a career.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISSP Compliance Computer Science NERC CIP SCADA
Perks/benefits: Competitive pay Health care Relocation support
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open SaaS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs