Cybersecurity Governance and Risk Analyst

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

Strategic Staffing Solutions is currently looking for a Cybersecurity Governance & Risk Analyst for a contract opportunity with one of our largest clients located in Charlotte, NC!

Title: Cybersecurity Governance and Risk Analyst
Location: Charlotte, NC (Hybrid schedule 2 days per week onsite)
Duration: 12 Months
Role Type: W2 contract engagement

Job Description

The Senior Cyber Security Governance and Risk Analyst is directly responsible for ensuring the operational reliability of the Bulk Electric System and Natural Gas Pipeline through demonstrated compliance with requirements defined by NERC CIP Standards and TSA Security Directives. To be successful, the Senior Cyber Security Governance and Risk Analyst must have a functional understanding of the IT Systems and Tools that support these environments, including:

• Footprints and Service Now IT service management tools
• Splunk
• Ansible Automation Platform
• Tripwire Enterprise / IP360
• Palo Alto Panorama
• Microsoft applications including Word, Excel, Visio, and PowerPoint
• Other internally developed applications that support these environments

Responsibilities

• Actively participating in daily, weekly, monthly, quarterly, and annual NERC CIP and TSA compliance tasks and audit activities, as well as, participating as a subject matter expert (SME) as necessary during audits.
• Working with multiple IT / Cybersecurity teams to ensure that solutions adhere to compliance requirements defined by NERC CIP Standards and TSA Security Directives.
• Assisting with the review, evaluation and root cause identification of deficiencies that lead to compliance violations and/or near misses
• Participating in the development of mitigation plans and responsibility for completing corrective actions to address compliance violations and/or near misses
• Developing and maintaining a working knowledge of command syntax, with
  
  
  
  • Cisco Catalyst and Nexus switches
  • Cisco ACI
  • Cisco Routers
  • Opengear remote management terminals
  • SecureCRT or other Secure Shell terminal client
  • Citrix Web Interface
  • Use of VPN with RSA tokens
  • Adobe PDF markup
  
  

Required/Basic Qualifications

• Bachelor s degree
• In lieu of Bachelor s degree(s) AND 5 year(s) related work experience, High School/GED AND 10 year(s) related work experience

Desired Qualifications

• CISSP and/or Certified Information Security Manager (CISM) and/or CISA
• Cisco Certified Network Associate (CCNA)
• Direct working experience with NERC CIP or NIST frameworks
• Advanced degree in Computer Science, Engineering, Legal or related field
• Demonstrated working knowledge of programming languages and tools, including:
• Python
• Visual Basic
• YAML
• JSON File Formatting
• BASH Terminal
• Bitbucket
• Linux
• Hands-on knowledge of orchestration and automation tools such as Ansible

The S3 Difference

The global mission of S3 is to build trusting relationships and deliver solutions that positively impact our customers, our consultants, and our communities. The four pillars of our company are to:

• Set the bar high for what a company should do
• Create jobs
• Offer people an opportunity to succeed and change their station in life
• Improve the communities where we live and work through volunteering and charitable giving

As an S3 employee, you re eligible for a full benefits package that may include:

• Medical Insurance
• Dental Insurance
• Vision Insurance
• 401(k) Plan
• Vacation Package
• Life & Disability Insurance Plans
• Flexible Spending Accounts
• Tuition Reimbursement