If you have what it takes to become part of the Vistra family and would like to start a promising career with a global leader, take a look at the exciting employment opportunities that are currently available and apply online.

Job Summary

The Sr. Analyst for cyber compliance will administer controls to maintain adherence with regulatory rule sets and internal policy, investigate variances and escalate when needed. They will be responsible for making sure the required evidence documentation is accurate to ensure effective compliance. They will be responsible for maintaining the confidentiality, integrity and availability of information assets and ensuring that compliance drives operational best practices, delivering on agreed upon service expectations and procedures. The Sr. Analyst is expected to participate in and provide support to audit processes and lead remediation steps for findings.

Job Description

Key Accountabilities

• Investigate and address variances by performing root cause analysis and developing corrective actions to mitigate the potential of recurrence and advise management of the same.
• Produce required logs, evidentiary records & other items as needed.
• Support efforts to prepare, coordinate and submit materials responsive to regulatory reporting requirements, internal and external audits and other Requests For Information.
• Exercise critical thinking and problem solving to research and document processes supporting applicable regulations, identify efficiency and automation opportunities and work with process owners to implement agreed-upon solutions.
• Monitor stakeholder control performance and provide guidance as needed to ensure adequate evidence of compliance
• Efficiently and accurately perform periodic monitoring controls required to maintain and evidence compliance with internal and external regulatory obligations.

• Support technology key controls, tools and compliance with regulatory requirements(i.e. ERCOT, NERC-CIP, PCI, NACHA, SOX, NEI)

   

Education, Experience, & Skill Requirements

• Experienced gained through college degree programs and/or certification in business, technology, or related field
• 6-8 years experience with an understanding in one or more of the following: NERC CIP, ERCOT Protocols, ISO 27001, NIST 800-53, SOX, PCI, NACHA , NRC.
• Exceptional reading comprehension and written communication skills
• Experience with application development or a coding technology language such as (VBA, PowerShell, Python, Ruby, C++, etc.)
• Preferred:
• Experience facilitating agreement across a wide range of disparate stakeholders
• Experience with ICS devices, Generation or Transmission assets
• Working knowledge of agile framework and methodology
• Experience with Cloud security or Compliance best practices

• Professional certification a plus (e.g., CISM, CISA, CISSP, Digital Design)

   

Key Metrics

• Compliance Metrics
• % of compliance controls completed on time
• % of control performance effectiveness

• % of control performance automation

   

   

   

   

Job Family

Information Technology

Company

Energy Harbor Nuclear Op