PJM

Sr. Security Analyst I (II)

PJM$90K — $120K *
Energy & Utilities
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Business Administration or Information Systems.
  • 5+ years in Information Security, Information Systems Auditing, or IT.
  • 5+ years of experience in auditing/compliance and security.
  • Strong attention to detail in high-quality work products.
  • Excellent verbal and written communication skills.
  • Experience with FERC, NERC CIP and RFC compliance.
  • Knowledge of information security, access control systems, and encryption.

Responsibilities

  • Develops strategies and plans for compliance with NERC CIP standards.
  • Leads and completes departmental and cross-functional projects.
  • Assists control owners in designing effective compliance controls.
  • Monitors and evaluates impacts of new NERC CIP standards.
  • Coordinates comments for NERC CIP standards from various regulatory bodies.
  • Verifies maintenance of security controls for compliance.
  • Develops compliance reports and participates in reviews.

Benefits

  • Flexible hybrid work arrangement.
  • Opportunities for ongoing professional development and training.
  • Collaborative work environment with internal stakeholders.
  • Participation in policy and procedure enhancement.
Full Job Description
Flexible Work Arrangement: Hybrid
The Sr. Security Analyst is responsible for leading and coordinating activities related to compliance, documentation, verification, monitoring, and reporting for the NERC CIP (Critical Infrastructure Protection) standards. This individual develops and maintains policies, standards, procedures, and control activities by working closely with CIP Compliance business partners. This individual also verifies control design and effectiveness on a scheduled basis and develops submittals to regional entities and auditors.

Essential Functions:

  • Applies understanding of IT security in conjunction with NERC standards to develop effective strategies and work plans for PJM's NERC CIP program.
  • Leads departmental and cross-functional projects to successful completion using project management approaches.
  • Assists control owners in designing and implementing effective controls to ensure compliance with NERC CIP standards.
  • Monitors and influences the development of new standards / new versions of standards and evaluates the impacts of the new /changed standards to PJM. Assists requirements owners with the transition process.
  • Leads and coordinates PJMs comments / balloting on all NERC CIP Standards related postings from FERC, NERC, RF and SERC.
  • Verifies that the design of security controls for compliance with NERC CIP standards is effectively maintained.
  • Lead or participate in the creation, modification, and implementation of control activities to ensure compliance with the NERC CIP standards.
  • Reviews evidence of compliance and tests to ensure that the objectives of controls are being satisfied; identifies areas for improvement; and is an integral part of ensuring improvements are implemented.
  • Works collaboratively with internal stakeholders by facilitating the assessment of new applications and new cyber assets to determine their criticality.
  • Supports the automation of security control activities.
  • Develops and implements detailed compliance reports for NERC CIP standards and control activities.
  • Participates in policy, standard, and procedure reviews and updates.
  • Leads training of internal personnel and presents compliance topics to members and industry stakeholders.
  • Assesses new technologies and their associated security and compliance risks in order to put plans into place for mitigating these risks.
  • Works to champion an understanding of the NERC CIP requirements as relative to PJM.
  • Identifies, documents, and reports security risks as relative to NERC CIP standards.
  • Conducts internal compliance reviews and coordinates self-reporting of potential violations. Assists control owners in the development and execution of mitigation plans. Ensures timely completion of all mitigation plan activities and facilitates evidence collection.
  • Develops an understanding and assists in defining the obligations of PJM’s affected Business Units to reasonably demonstrate compliance with the NERC CIP Standards.
  • May assist other team members as assigned
  • Other related duties as assigned

Characteristics and Qualifications:

Required:
  • Bachelor degree in Business Administration, Information Systems
  • At least 5 years of experience in the field of Information Security, Information Systems Auditing, Information Technology
  • At least 5 years of experience auditing/compliance, security, and/or information technology
  • Ability to produce high-quality work products with attention to detail
  • Ability to communicate effectively in a team environment
  • Experience in quantitative and qualitative analysis
  • Experience using verbal and written communications skills
  • Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint)
  • Ability to produce high-quality work products with attention to detail
  • Ability to visualize and solve complex problems
  • Experience with FERC, NERC CIP and RFC compliance
  • Experience in information security, access control systems, encryption, and related applications
  • Experience with conducting an annual security assessment to identify risk and vulnerabilities and develop recommendations for senior management based on results

Preferred:

  • MBA, Business Administration
  • MS, Information Systems
  • Experience with PJM operations, markets, and planning functions
  • Experience supporting any of PJM Committees
  • Experience with PJM operations, markets, and planning functions
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)

About PJM

PJM Interconnection is a regional transmission organization (RTO) that coordinates the movement of wholesale electricity in all or parts of 13 states and the District of Columbia. The company's mission is to ensure the reliability of the power grid and to facilitate the wholesale electricity market. PJM Interconnection operates the largest power grid in North America, serving over 65 million people. The company was founded in 1927 and is headquartered in Audubon, Pennsylvania.
Learn more about PJM
Size
1,600 employees
Industry
Revenue
$12.9 billion
NASDAQ

Similar Jobs

More Jobs at PJM

More Energy & Utilities Jobs

Find similar Sr. Security Analyst I (II) jobs: