Job Information
Automation and Control Strategies (ACS Pro Staffing) Security Control Assessor in Vancouver, Washington
Location: Vancouver, Washington Type: Contract Job #7428 Overview: ACS Professional Staffing is looking for an employee to work onsite with our client. The Security Controls Assessor 2 role plays a crucial role in safeguarding transmission systems by reviewing security documentation, evaluating compliance, and applying expertise to IT/OT security controls. They contribute to incident analysis, compliance monitoring, and program administration. Additionally, they mentor junior team members and collaborate with colleagues on various security projects. This position requires collaboration and expertise to ensure successful implementation of cybersecurity and compliance practices. This full-time position is located in Vancouver, WA. Pay range: $46.24 - $66.06 Benefits: Paid holidays: 11 PTO: Starting at 10 days Sick Leave: Up to 56 hours per year (prorated based on start date) EAP: Employee Assistance Program Benefit Options Available: Medical, Dental, Vision, FSA, DCA, LPFSA, HSA, Group Life/AD&D, Voluntary Life/AD&D, Voluntary Short-Term Disability, Voluntary Long-Term Disability, Voluntary Critical Illness, Voluntary Accident, 401k (immediately eligible for employee and employer contributions - employer match up to 4%) Other benefits include the following: Calm App, Access Perks, Brio Health Responsibilities: Monitor, review, analyze and support Transmission Technology (TT) Security Governance & Oversight compliance management processes including regulatory audits, investigations of potential violations, and mitigation of violations. Provide quality assurance reviews of NERC CIP compliance evidence, violation mitigation documentation, and cybersecurity controls documentation. Draft and present recommendations for improvement to documentation or artifacts. Alertmanager of any noted concerns or potential issues. All materials related to audit responses must also be reviewed by management and/or federal staff. Facilitate and coordinate efforts to maintain and improve documentation of program processes and procedures. Serve as a technical team member supporting Subject Matter Experts (SMEs) on cybersecurity compliance activities such as facilitate recurring cybersecurity processes and procedures; compile and submit compliance evidence in a Governance, Risk, and Compliance (GRC) tool; and contribute to investigations into potential violations. (Note: all drafted materials must be reviewed and finalized by management / staff.) Serve as a reliability compliance process point of contact (POC) for the TTB organization, primarily supporting BES Cyber System Categorization and Physical Security of BES Cyber Systems. Draft documentation necessary for compliance reporting and audit requirements. Develop and recommend strategies and actions to improve incident response maturity. Develop reports, graphs, and other informational materials to support improvement recommendations. Review process and procedure documentation to identify gaps and potential improvement areas. Collaborate with internal stakeholders and facilitate information gathering and analysis using standard tools and approaches, or developing new methodologies when needed, to assess business operations and functions, documents, and map current and future states, perform gap analysis, identify, and evaluate solution alternatives, provide recommendations, and develop/draft associated processes and procedures for management approved direction. Recommend mitigation, countermeasures, or other options as needed. Identify potential impacts to Transmission programs and processes from new or modified NERC CIP standards and policies or Federal Information Security Modernization Act (FISMA) / National Institute of Standards and Technology (NIST) requirements. Provide recommendations to management to mitigate or comment on NERC proposed regulations and policies. Assist to develop solutions, processes, and p