The American Society of Mechanical Engineers (ASME)

Advertisemen

14 hours

Sr. IT Compliance Analyst

Waltham, MA
Apply Now
Apply on the Company Site
  • Job Code
    20172484
Company
Description: Description About the Position: We are seeking an IS Compliance Analyst who will be responsible for supporting our Vendor Assurance Program. In this role, the incumbent will be responsible for the evaluation of vendor risks for services provided, assist our procurement team in determining related risk and ensure contract terms and conditions align with Compliance and Risk management needs.

In addition to vendor evaluations and assessments. We need the incumbent to be savvy with identifying internal control deficiencies and be able to provide appropriate recommendations for improvements; this will also include independent assessments of third parties, conduct assessments for utility regulations which includes the following: NERC, PCI, MA 201, HIPPA, SOX, FERC and other international, federal and state regulations.
Job Duties:
Support Vendor Assurance Program, integrating Risk and Compliance management into procurement processes.

Manage Complex environment of vendors providing services to National Grid

Identify Associated risks related to Information Security, including operational technologies with embedded information technology

Work with third party service providers to evaluate control design and operating effectiveness.

Develop, plan and execute compliance assessment based on documented process

Develop and execute clearly written test plans based on control objectives in a repeatable manner

Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation.

Develop plan to assess vendors throughout the year balancing workload and assessments

Verify the design and effectiveness of controls to secure information system assets, including people processes and technologies.

Complete work papers by documenting compliance assessments and findings clearly articulating test methodology and steps taken.

Prepare reports by collecting, analyzing, and summarizing information

Prepare regular status reports for internal management

Communicate findings by preparing a final report; discussing findings with auditees and documenting results

Communicate findings with the IS risk team to coordinate findings, develop action plans based on risks and confirm that appropriate steps are taken to close out findings.

Ensure controls support Compliance with International, Federal, State, and local requirements; enforcing adherence and advising management on needed actions.

Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.

Contribute to team effort by accomplishing defined objectives

Work with internal stakeholders, including regulatory, legal and IS to build and maintain relationships and deliver value.

Others as Required

Qualifications Knowledge & Experience Required: Bachelor’s degree in Computer Science or similar discipline; or equivalent work experience. Advanced Degree in Cyber Security Preferred 3-5 years of relevant experience as an IT Auditor Strong understanding of supplier contracts Willingness to challenge that status quo and drive accountability Ability to influence and build relationships and demonstrate team leadership in all interactions. Exceptional written and verbal communication skills. Communicates effectively with business clients to identify needs and evaluate alternative business solutions. Extensive experience in MSOffice, Visio Archer GRC (Preferred) Preferences: Have 3+years’ experience in working in the Utility (Gas/Electric) domain with in a project setting. Certifications in Information Security, including CISA, CISM, CISSP, CRISC strongly desired This position has a career path which provides for promotional opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. The selected candidate will move laterally at their current band and market reference point and will not be eligible for a promotion at the time of accepting this position. This applies to candidates moving within the same career path (e.g., analyst, supervisor, engineer), or to a different career path (e.g., analyst to engineer, supervisor to analyst). The selected candidate will have an opportunity to be promoted within the career path during the annual salary planning process.
Job : Information Services Primary Location : MA-Waltham Other Locations : NY-Syracuse, NY-Brooklyn Organisation : Information Services Schedule : Full-time Job Posting : Sep 14, 2017, 1:09:39 PM Unposting Date : Nov 14, 2017, 12:59:00 AM

Categories

  • Mechanical Engineering - Applied Mechanics
  • Operations
  • Mechanical Engineering - Codes, Standards and Certifications
  • Mechanical Engineering - Safety
  • Mechanical Engineering - Environmental / Solar / Sound
  • Computer Software Engineering

Featured Employers[ View All ]

Share this job:

Sr. IT Compliance Analyst

National Grid
Waltham, MA

Share this job

Sr. IT Compliance Analyst

National Grid
Waltham, MA

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered By