Cyber Security Analyst

Electric Reliability Council of Texas Taylor, TX
Are you an ERCOT Employee? If so please log in to Workday to apply. JOB PURPOSE Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Provides a full range of analytic duties using knowledge of multidisciplinary security concepts, principles and practices applicable to security administration. Develops, recommends and enhances compliance preventive and detective controls. JOB SUMMARY Implements, monitors and maintains compliance preventive and detective controls. Supports the development, documentation, deployment, review and maintenance of Information Security Policies, Standards, Guidelines and Procedures. Communicates Information Security requirements, principles and concepts through innovative awareness and education methods. Monitors, evaluates and executes security controls and procedures to ensure compliance with security related regulatory and corporate requirements Senior Security Controls Analyst: Guides and improves the development, documentation, deployment, review and maintenance of Information Security Policies, Standards, Guidelines and Procedures; providing security consulting services. Communicates and educates Information Security requirements, principles and concepts through innovative awareness and teaching methods. POSITION DESCRIPTION Job Title: Security Controls Analyst Essential Job Duties and Tasks Level 2: Monitors, evaluates and executes security controls and procedures to ensure compliance with security related regulatory and corporate requirements Tracks, interprets, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines Provides technical support and advice to other groups on security requirements Works with stakeholders to identify appropriate security requirements, engineer practical security solutions and implement measurable security guidelines Promotes and delivers security-related material promoting security awareness. Uses software tools to gather system configuration information and vulnerabilities Identifies risk areas, and ensure that adequate controls are in place and operating effectively by using thorough testing methods Assists with Risk Assessments on corporate assets using a formal methodology and recommend safeguards to mitigate risk Maintains current knowledge of security trends, vulnerabilities, threats, and mitigation methods Maintains the confidentiality of review results and the status of the current security environment Produces and presents compelling security-related training content Creates and consistently delivers awareness material promoting security awareness Senior level: Develops and executes security controls to ensure compliance with security related regulatory and corporate requirements Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines Provides technical and architecture consulting to other groups on security requirements Works with stakeholders to identify appropriate security requirements, engineer practical security solutions and implement measurable security guidelines Designs, produces, and delivers compelling security-related training content Creates and consistently delivers awareness material promoting security awareness Builds and improves software tools to gather system configuration information and foresee vulnerabilities. Anticipates risk areas, and ensures that adequate controls are in place and operating effectively by using thorough testing methods Conducts with Risk Assessments on corporate assets using a formal methodology and recommend safeguards to mitigate risk Expands and shares expertise about security trends, vulnerabilities, threats, and mitigation methods. Maintains the confidentiality of review results and the status of the current security environment QUALIFICATIONS Education: Bachelor’s degree in Computer Science, Business Administration or a combination of education and experience that provides the applicant with knowledge equivalent to a major in of such fields. Licenses or Certification: CISA, CIA, or CISSP certification preferred. Microsoft or UNIX certifications a plus. Work Experience Required: Level 2: Minimum of two years (in excess of degree requirements stated above) of progressively responsible experience in IT analysis or IT security administration. Senior: Minimum of five years (in excess of degree requirements stated above) of progressively responsible experience in IT analysis or IT security administration Are you an ERCOT Employee? If so please log in to Workday to apply.