Axelon
Cyber Security Analyst III
Axelon, Wadsworth, Ohio, us, 44282
Cyber Security Analyst
Remote
12 Months
The Cyber and Information Security Analyst works closely with the Cyber Security teams and across all FirstEnergy subsidiaries and business units to protect the cyber assets of FirstEnergy.
We seek an individual experienced with current cyber security regulatory compliance and information protection strategies with the skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape, in support of compliance and regulatory requirements. A minimum of four years of experience is preferred.
We seek an individual experienced with current cyber security regulatory compliance and information protection strategies/tools with the skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape, in support of compliance and regulatory requirements. A minimum of four years of experience is preferred.
Responsibilities include: •Support FirstEnergy's compliance with NERC CIP, protecting the Bulk Electric System. •Provide support to project management team with a robust integration and automation solution, including reporting, project tracking, and developing project communications. •Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization •Develop training to educate stakeholders on new platform, integrations, and compliance •Perform testing and validation of compliance with new platform •Assist with configuring GRC tool for multi-tool integration and audit evidence and report generation
Qualifications •Bachelor's Degree in Computer Science, Information Security, Corporate Compliance, or similar discipline is preferred. A bachelor's degree in another field with relevant industry experience in cyber/information security will be considered. •Familiarity with the NERC CIP standards (CIP-007 R2 patch management, CIP-010, CIP-013) a plus. •Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cyber security program in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. •Effective communication skills which include creating and delivering reports, presentations, briefs, and training sessions. Must compose well-written, professional documents with minimal editorial and proofing support. •Familiarity with web based GRC tools (SigmaFLow, ServiceNow IRM and GRC, etc.) and related compliance processes a plus •Previous compliance audit experience a plus •Translate technical output from systems and assessment tools into understandable reports and action plans •Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option •An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization. •An ability to effectively influence others to reassess their opinions, plans or behaviors. •Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
The Cyber and Information Security Analyst works closely with the Cyber Security teams and across all FirstEnergy subsidiaries and business units to protect the cyber assets of FirstEnergy.
We seek an individual experienced with current cyber security regulatory compliance and information protection strategies with the skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape, in support of compliance and regulatory requirements. A minimum of four years of experience is preferred.
We seek an individual experienced with current cyber security regulatory compliance and information protection strategies/tools with the skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape, in support of compliance and regulatory requirements. A minimum of four years of experience is preferred.
Responsibilities include: •Support FirstEnergy's compliance with NERC CIP, protecting the Bulk Electric System. •Provide support to project management team with a robust integration and automation solution, including reporting, project tracking, and developing project communications. •Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization •Develop training to educate stakeholders on new platform, integrations, and compliance •Perform testing and validation of compliance with new platform •Assist with configuring GRC tool for multi-tool integration and audit evidence and report generation
Qualifications •Bachelor's Degree in Computer Science, Information Security, Corporate Compliance, or similar discipline is preferred. A bachelor's degree in another field with relevant industry experience in cyber/information security will be considered. •Familiarity with the NERC CIP standards (CIP-007 R2 patch management, CIP-010, CIP-013) a plus. •Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cyber security program in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. •Effective communication skills which include creating and delivering reports, presentations, briefs, and training sessions. Must compose well-written, professional documents with minimal editorial and proofing support. •Familiarity with web based GRC tools (SigmaFLow, ServiceNow IRM and GRC, etc.) and related compliance processes a plus •Previous compliance audit experience a plus •Translate technical output from systems and assessment tools into understandable reports and action plans •Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option •An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization. •An ability to effectively influence others to reassess their opinions, plans or behaviors. •Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.