July 22, 2025
Electric Energy Jobs

Senior Analyst, Program Risk Assurance

Organization:
National Grid
Region:
United States, Massachusetts, Waltham
End of contest:
April 13, 2021
  This job posting has expired
Type:
Full time
Category:
Risk management
Description
Job ID 18881

About us

National Grid is hiring for a Senior Analyst, Program Risk Assurance for our Cyber Risk Assurance team in Waltham, MA.

Job Purpose

The Project & Program Risk Assurance Team provides Risk Assurance on technology enabled change programs and technology related regulatory requirements across the US and UK.
    Coordinate with Subject Matter Experts to ensure projects are up to internal standards 
    Interface with IT/Operational Technology support teams, legal and other stakeholder individuals and teams as required.  
    Interface with projects and programmes from start-up to service transition and be able to provide advice on IT Control design and review evidence of compliance 
    Share best practice within wider Technology Risk 2LOD function 

Key Accountabilities

    Candidate will work with projects and programs to inform them of controls that are required to be built & implemented prior to go-live 
    Review evidence to ensure controls have been designed, implemented and tested 
    Based on controls validation, provide risk opinion prior to implementation 
    Must have deep understanding of Information Systems, Security techniques, Controls and Risk Management principles.
    Must be able to work independently and establish strong working relations across various lines of the business.
    Must be an effective communicator, with strong presentation skills, and be able to communicate to projects and programmes the risks related to Information Security and related controls.
    Must be able to demonstrate working knowledge of UK/US regulations and possess a strong background in process development to enhance current processes.
    Experience of either working in or providing assurance over technology enabled projects and programmes
    Experience of project lifecycle including stage gates
    Strong working knowledge of control frameworks (NIST CSF, NIST 800-53, COSO, COBIT, ISO, UCF)
    Strong Interpersonal Skills (ability to bring people together to solve complex issues)
    Understanding of Security and Risk Management, including those related to outsourcing
    Understanding of SSAE 16, ISAE 3402, SOC 1, SOC 2 and AUP reports and principles

Supervisory/Interpersonal Experience Required

    Good interpersonal skills required to work with internal/external stakeholders and liaising with audit personnel.

Qualifications

    Bachelor's degree
    Preferred Certifications: CISA, CISSP, CISM, CRISC 
    Experience of IT controls and/or IT risk assurance 
    Experience in at least two of the following, with all preferred: Information Technology, Operational Technology, Cyber Security, Power and Utilities / Electrical Engineering, Regulatory Compliance, Risk Management, Internal Controls Assurance / Quality Assurance, IT Sarbanes-Oxley
    Experience of either working in or providing assurance over technology enabled projects and programs 
    Experience of project lifecycle including stage gates
    Full end to end knowledge of software development lifecycles and projects including the various stage gates and what good looks like in requirements, build, test, data migration, cutover and go-live activities
    Demonstrated knowledge of industry standards, regulations and methodologies, including NIST, COBIT, ITIL, SOx, NERC CIP, PCI, HIPAA, etc.
    Experience of forming opinions over applicable controls based on available information and providing guidance on design of controls where required 
    Experience of providing risk-based opinion and providing reporting to the business based on reviewing evidence of controls
Must Have skills
    Risk Management, Information Security and Regulatory Compliance, or Controls Assurance 
    Ability to generate succinct and impactful reporting that combines technical knowledge with easy-to-understand, non-jargon business language
    Proven ability to deliver BAU activities within tight timescales to high quality 
    Ability to manage and engage with multiple stakeholders at all levels, including Project Managers/Leadership, IT/OT support teams and other stakeholder individuals and teams as required
    Strong interpersonal skills 

Preferred Skills
    Communications, Building relationship with Stakeholders, giving opinion based on the risk and control environment of any project/program 
    Strong team player and able to help improve current processes and procedures 
    Share knowledge and expertise within Tech Risk team and work with other teams such as Controls Assurance and Vendor Management 


Contact

National Grid

40 Sylvan Rd

Waltham

Massachusetts United States

www.nationalgridus.com

