You’ll be required to register in our HR portal if you haven’t already done so.
This exciting and high profile position works with ISO-NE’s Cyber Security, IT infrastructure, application support, and change management teams to perform, monitor, and collect systems compliance data. Opportunities to mentor junior specialists, collaborate with all levels of impacted business units, and become a recognized IT subject matter expert and leader on NERC CIP standards.
How You Will Make an Impact
- Perform and monitor compliance activities associated with electronic access controls, account management, patch management, change management, and configuration management.
- Collect and analyze system information to ensure system compliance.
- Work with IT administrators to correct any non-compliance or policy non-conformance items.
- Develop and implement preventive, detective, and corrective technical controls.
- Evaluate the compliance of infrastructure components and operational processes to IT policies and CIP standards, prepare documentation of the results, and track resulting non-conformities and mitigation measures to resolution.
- Provide procedure templates, forms, and work instructions to support these activities.
- Identify, test, and implement process improvements to the compliance tools and systems.
System Administration Compliance:
- Perform technical analysis of baseline configurations and update baselines.
- Perform detailed account authorization and access reviews.
- Respond to research requests associated with NMAP scans (ports and services).
- Work with the IT system administrators to document ports and service business justifications and patch notification sources.
- Perform agent check verifications on systems.
- Perform CIP-010 security control checks.
- Perform initial analysis and triage of logging events and escalate to appropriate IT administrators.
- Monitor and analyze the health of services and systems in the CIP compliance program.
- Verify software identify and integrity checks performed.
What We Look For
- Bachelor’s Degree in Engineering, Computer Science, Information Security, or related fields or equivalent experience
- 6+ years of experience working with data center operations and technologies, IT infrastructure (Windows/Linux/Cisco) and software
- 5 - 7 years in compliance, project management, risk management, or document management
- Basic security and networking concepts including: LAN/WAN, firewalls, routers, switches, VPN, encryption, IDS/IPS sensors.
- Strong to advanced MS office skills, including Word, Excel, Access and SharePoint; experience in building charts and graphics, forms and templates.
- Demonstrated understanding of the NERC CIP standard
- Strong analytical skills
- Deliver high-quality, accurate work within established deadlines
- Experience with scripting/programming languages
- Working knowledge of configuration management technologies used to maintain compliance such as Tenable/Ansible.
- Exceptional teamwork and interpersonal skills
Location and Benefits
ISO New England is located in Holyoke, MA. The company provides a base salary plus bonus, competitive Medical and Dental plan, paid vacation, 401k with company match, retirement plan and more. All benefits start on your first day.
We are proud to be an EEO/AA employer. Applicants for employment are considered without regard to race, creed, color, citizenship, religion, sex, sexual orientation, marital status, national origin, age, disability, status as a veteran, Vietnam Era Veteran, or being a member of the Reserves or National Guard.
We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Social Networking Notice
ISO New England reserves the right to review the candidate's postings on any social networking site accessible in the public domain as part of the candidate assessment process.