Job Summary
The Sr. Analyst for cyber compliance will administer controls to maintain adherence with regulatory rule sets and internal policy, investigate variances and escalate when needed. They will be responsible for making sure the required evidence documentation is accurate to ensure effective compliance. They will be responsible for maintaining the confidentiality, integrity and availability of information assets and ensuring that compliance drives operational best practices, delivering on agreed upon service expectations and procedures. The Sr. Analyst is expected to participate in and provide support to audit processes and support remediation steps for findings.Job Description
Key Accountabilities
Investigate and address variances by performing root cause analysis and developing corrective actions to mitigate the potential of recurrence and advise management of the same.
Produce required logs, evidentiary records & other items as needed.
Support efforts to prepare, coordinate and submit materials responsive to regulatory reporting requirements, internal and external audits and other Requests For Information.
Exercise critical thinking and problem solving to research and document processes supporting applicable regulations, identify efficiency and automation opportunities and work with process owners to implement agreed-upon solutions.
Monitor stakeholder control performance and provide guidance as needed to ensure adequate evidence of compliance
Efficiently and accurately perform periodic monitoring controls required to maintain and evidence compliance with internal and external regulatory obligations.
Support technology key controls, tools and compliance with regulatory requirements(i.e. ERCOT, NERC-CIP, PCI, NACHA, SOX, NEI)
Education, Experience, & Skill Requirements
Experienced gained through college degree programs and/or certification in business, technology, or related field
6-8 years experience with an understanding in one or more of the following: NERC CIP, ERCOT Protocols, ISO 27001, NIST 800-53, SOX, PCI, NACHA , NRC, NEI 08-09, NEI 13-10.
Exceptional reading comprehension and written communication skills
Preferred:
Experience facilitating agreement across a wide range of disparate stakeholders
Experience with ICS devices, Generation or Transmission assets
Working knowledge of agile framework and methodology
Experience with nuclear compliance
Professional certification a plus (e.g., CISM, CISA, CISSP, Digital Design)
Experience with application development or a coding technology language such as (VBA, PowerShell, Python, Ruby, C++, etc.)
TXU Energy
1601 Bryan St
Dallas
Texas United States
www.txuenergy.com
