ACS Professional Staffing · 1 day ago
Security Control Assessor 2 (8382)
Vancouver, WA
Full-time
Onsite
Mid Level
$34.76/hr - $49.66/hr
4+ years expACS Professional Staffing is looking for a Security Control Assessor 2 to work on-site with their client. The role involves monitoring, analyzing, and supporting Operational Technology security governance and compliance activities, including regulatory audits and incident response initiatives.
ConsultingRecruitingStaffing Agency
No H1B
U.S. Citizen Only
Responsibilities
Monitor, review, analyze and support Operational Technology (OT) Security Governance & Oversight compliance management processes including regulatory audits, investigations of potential violations, and mitigation of violations
Provide quality assurance reviews of NERC CIP compliance evidence, violation mitigation documentation, and cybersecurity controls documentation. Draft and present recommendations for improvement to documentation or artifacts. Alert manager of any noted concerns or potential issues
All materials related to audit responses must also be reviewed by management and/or federal staff
Facilitate and coordinate efforts to maintain and improve documentation of program processes and procedures
Serve as a technical team member supporting Subject Matter Experts (SMEs) on cybersecurity compliance activities such as facilitating recurring cybersecurity processes and procedures; compile and submit compliance evidence in a Governance, Risk, and Compliance (GRC) tool; and contribute to investigations into potential violations. (Note: all drafted materials must be reviewed and finalized by management / staff.)
Serve as a reliability compliance process point of contact (POC) for the TTB organization, primarily supporting BES Cyber System Categorization and Physical Security of BES Cyber Systems
Draft documentation necessary for compliance reporting and audit requirements
Develop and recommend strategies and actions to improve incident response maturity
Develop reports, graphs, and other informational materials to support improvement recommendations
Review process and procedure documentation to identify gaps and potential improvement areas
Collaborate with internal stakeholders and facilitate information gathering and analysis using standard tools and approaches, or developing new methodologies when needed, to assess business operations and functions, documents, and map current and future states, perform gap analysis, identify, and evaluate solution alternatives, provide recommendations, and develop/draft associated processes and procedures for management approved direction
Recommend mitigation, countermeasures, or other options as needed
Identify potential impacts to Transmission programs and processes from new or modified NERC CIP standards and policies or Federal Information Security Modernization Act (FISMA) / National Institute of Standards and Technology (NIST) requirements
Provide recommendations to management to mitigate or comment on NERC proposed regulations and policies
Assist in developing solutions, processes, and procedures required to achieve and sustain NERC CIP compliance and effective NIST controls
Assist staff with the promotion and implementation of approved recommendations and/or adopted procedures
Upon request, provide stage-gate input into systems/software implementation projects for potential security or compliance risks and impacts
Assist in developing, drafting, and recommending training materials and job aids
Provide support and assistance to other Security Control Assessors, Cyber Security personnel and Operational Technology (OT) co-workers on a variety of ad hoc and standing projects requiring policy/procedure/process analysis
Qualification
Required
4 years of experience is required with an applicable bachelor's degree
6 years of experience is required with an applicable associate degree
8 years of experience is required without a degree or applicable degree
Experience should be consistent with the specific requirements of operations analysis, incident response, and progressively more technical in nature
Ability to research and maintain proficiency in tools, techniques, countermeasures, and trends in information security, computer and network vulnerabilities, data hiding, network security, and encryption
Ability to plan, execute and document compliance evaluations both independently and as a team member
Demonstrated experience with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards, National Institute of Standards and Technology (NIST) Cybersecurity Framework, and/or NIST SP 800-53 Security and Privacy Controls for Information Systems and Organizations
Certified Information Systems Security Professional (CISSP) or equivalent
Valid U.S. Driver's License is required
U.S. citizenship is required
Preferred
A bachelor's degree in computer science, information technology management, Cyber Security, Forensics, or a closely related technical discipline is preferred
Benefits
Paid holidays: 11
PTO: Starting at 10 days
Sick Leave: Up to 56 hours per year (prorated based on start date)
EAP: Employee Assistance Program
Benefit Options Available: Medical, Dental, Vision, FSA, DCA, LPFSA, HSA, Group Life/AD&D, Voluntary Life/AD&D, Voluntary Short-Term Disability, Voluntary Long-Term Disability, Voluntary Critical Illness, Voluntary Accident, Hospital Indemnity, 401k (immediately eligible for employee and employer contributions - employer match up to 4%)
Other benefits include the following: Calm App, LifeBalance Discount Program
Company
ACS Professional Staffing
ACS Professional Staffing is a leading professional staffing and consulting firm specialize in contract, temp-to-perm.
201-500 employees
Funding
Current Stage
Growth StageLeadership Team
John Alt
CEO
Company data provided by crunchbase