Overview
Immediate need for a talented Compliance Analyst that brings experience in the INDUSTRY. This is a 12 month contract opportunity with long-term potential and is located in Charlotte, NC. Please review the below job description and reply with the most current MS Word version of your resume.
Job Description:
The primary purpose of this position is to carry out assignments to demonstrate compliance with NERC Critical Infrastructure Protection (CIP) reliability standards within the Cybersecurity Information Technology (IT) department.
The Compliance Analyst will maintain a set of IT Security and Compliance tasks with oversight responsibilities to ensure full compliance with associated processes;
ensures responsibility is assigned to each task;
and completes/monitors for completion.
Roles/Responsibilities:
Participates in compliance activities, including external audits, mitigation plans and performs selected tracking and monitoring tasks assigned to IT Security Compliance and ensures scheduled compliance activities and events are completed and documented.
Assist in collecting and maintaining documented evidence.
Maintain strong working relationship and collaborate with various IT support groups and business line groups Subject Matter Experts to provide technical and compliance assistance in accomplishing the objectives of monitoring, evidencing and assists in collecting and maintaining appropriate documented evidence.
Perform day-to-day security reviews and analysis and compare systems to established baselines, reviewing available ports and services, and analyzing systems for security breaches;
Promptly reports compliance and control exceptions and deficiencies to IT management and others as applicable and appropriate.
Assists in reviewing and identifying deficiencies as well as preparing mitigation plans for regulatory agencies during and recommending corrective action and suggesting improvements in operations; ensures timely completion of all tasks identified in mitigation plans.
Manage change management process: review change management tickets for complete information; collect and attach evidence;
ensure test plans meet NERC CIP requirements Maintain an accurate inventory of all systems Strong capability to build and maintain effective relationships with IT and business unit support groups and associated Subject Matter Experts.
Comments:
Desired Qualifications
1. Bachelor’s degree in computer science, math, or business related field or an alternate combination of education and experience which results in equivalent job knowledge is required.
2. 2-5 years experience with NERC CIP Compliance, IT audits, IT security, network, infrastructure and related industry regulatory issues experience in compliance focused position, or equivalent.
3. CISA (Certified Information Security Analyst), CISSP (Certified Information Systems Security Professional) or similar Certifications
4. Advanced experience with Microsoft SharePoint and Microsoft Office products.
1. If you have had any responsibility for or participation in judicial, administrative, regulatory or other oversight proceedings involving Duke Energy or any of its affiliates, please identify the agency or department, the dates of your employment, and the nature of your responsibilities, including a list of any proceedings involving Duke Energy or any of its affiliates. NOTE: Only answer this question if you have worked with the government or other agency involved with Duke Energy oversight.
2. If you are subject to any restrictions or limitations to becoming employed by Duke Energy, as a result of your current or previous employment with a governmental agency or department, please describe those restrictions (e.g. cooling off period or revolving door restrictions). NOTE: Only answer this question if you have worked with the government or other agency involved with Duke Energy oversight. 3. Education: Bachelor Degree or a combination of education plus equivalent work experience.
About DIVERSANT
Summary of your startup DIVERSANT is the largest African American owned IT staffing firms providing IT talent to Fortune 500, mid-market and startup companies.