Location
Merrillville, IN | United States
Job description
Senior Cyber Assessment Analyst
Full Time Perm
Shift : Hybrid - 2 days on-site 3 days remote
Salary Range: $91,000 - $136,600
Location: Columbus, OH, Merrillville, IN, Chester, VA, Lexington, KY, or Canonsburg, PA
Relocation assistance provided
NiSource's Cyber Assessments program, also known as Third Party Risk Management leverages Fortress and Archer to support the vendor risk lifecycle. We communicate results to management, supply chain, and vendor relationship owners. The Cyber Assessments program also partners with Supply Chain and Cyber Vulnerability Management for a cohesive Fortress implementation, including Supply Chain vendor onboarding and contract renewal processes. Cyber Assessments include corporate and technology Control Assessments using Fortress and coordinating independent assessments such as penetration tests, NIST CSF, and mock regulatory reviews. Technology supports focuses on our enterprise Archer implementation and Fortress solution. The Cyber Assessments Analyst will work collaboratively with numerous teams including NERC CIP Compliance, Pipeline Compliance, Innovation, Supply Chain and the business. This role is responsible for executing the Cyber Assessment program and driving the effective use of Fortress and Archer, including upgrades, dashboards and metrics. You will work closely with the Director of Cyber Compliance, the Manager Cyber Assessments, the Manager(s) Cyber Compliance, and others as needed to ensure that all assessment results are addressed and leverages Fortress and Archer and their adoption.
Key outcomes for success include:
NiSource has an effective Cyber Assessments program, leveraging Fortress and reducing vendor risk
The program must effectively communicate results to management, vendor relationship owners, and supply chain
NiSource Cyber Assessments partners with Supply Chain and Cyber Vulnerability Management for a cohesive Fortress implementation, including Supply Chain vendor onboarding and contract renewal processes
Archer is an effective tool for Innovation, Cyber Compliance and expands to additional business units. Interfaces with key NiSource systems of record (i.e. Workday, Service Now, etc.)
Analyze vendor risk posture, identify risk items, tracking of exceptions, and other data to assist management in making more informed decisions relative to vendor management
Help ensure that NiSource and contracted services are performed to satisfaction
Positive business perception of Cyber Assessments services through proactive actions
Essential Responsibilities:
Perform routine assignments in the Cyber Assessment Analyst job band, under the direction of the Director of Cyber and the Manager Cyber Assessments
Work closely with the business, OT, IT, and Cyber and Service Providers to perform and/or support Cyber Assessment processes
Assist in driving the implementation of the roadmaps for Cyber Assessments, Archer, and Fortress Control Assessments
Assist in executing the Cyber Assessment (CA) program, ensuring a methodology is used and communicated relative to when a CA is performed, risks are mitigated, results are communicated, and metrics are produced supporting the program.
Executes or assists others in executing Cyber assessments supporting the business, Cyber, IT, OT, and the Innovation line of business ensuring Supply Chain processes are adhered to. Reviews must meet stated objectives, budget requirements, timeline requirements and reporting/readout requirements
Supports and strives to be knowledgeable relative to Fortress Control Assessments, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to NiSource
Supports and strives to be knowledgeable relative to Archer, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to NiSource; Serves as an Archer ambassador across NiSource as to capabilities and expanded adoption
Assist in audit/issues tracking and resolution for processes related to Cyber Assessments as requested
Advance the use and adoption of Archer RSA to maintain and manage risk, compliance, and policy monitoring and tracking
You must possess the below minimum qualifications to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates.
Minimum Qualifications
Bachelor’s Degree or equivalent work experience
4+ years of experience in varying Third Party Risk Management functions
4+ years of experience with Vendor Control Assessments, SOC2 reports and metrics
Knowledge of IT infrastructure components, trends, and best practices.
Preferred Qualifications
Solid understanding of NIST 800-53 v5 Control sets.
ITIL V4 certification
Demonstrated experience in Microsoft Excel and Word
Demonstrated experience in SharePointand/or ServiceNow
Experience using Archer IRM tool
Working knowledge of the gas and electric utility industry; additional experience a plus
* * Disclaimer
The preceding description is not designed to be a complete list of all duties and responsibilities required of the position
#OhioMeansJobs #NERC #NERCIP #CIP #SOC #CyberAssessments #TPRM #ThirdPartyRisk #DiversityInTech #NiSource #Ohio #ColumbusOH #ArenaDistrict #MerrillvilleIN #ChesterVA #CanonsburgPA #Chicago #ChicagoTech #Hybrid #TechJobs #LexingtonKY #NowHiring #ColumbiaGas #Utilities #ServiceNow #Archer #Fortress #ITIL
Inclusion & Diversity
Value inclusion within your day to day responsibilities by respecting others perspectives/convictions, engaging others opinions, creating a safe environment where people, ideas, and opinions are valued within your Team/Customers and external partners.
Respect and take into consideration diversity within your Team/Customers and external work partners by valuing different world views, challenges, and cultures that represent all walks of life and all backgrounds.
Treat others with respect and consideration. Actively participate in creating and contributing to a positive work environment.
Equal Employment Opportunity
NiSource is committed to providing equal employment opportunities in each of its companies to all employees and applicants for employment without regard to race, color, religion, national origin or ancestry, veteran status, disability, gender, age, marital status, sexual orientation, gender identity, genetic information, or any protected group status as defined by law. Each employee is expected to abide by this principle.
By applying, you may be considered for other job opportunities.
Safety Statement
Promote a safe work environment by actively participating in all aspects of our employee safety program. Report any unsafe conditions and take actions to prevent personal injuries. Support our interdependent safety culture by ensuring the safety of your co-workers. Stay focused on the task at hand and promote productivity through good work habits.
Salary Range:
$91,000.00 - $136,600.00
Posting Start Date:
2024-02-16
Posting End Date (if applicable):
Please note that the job posting will close on the day before the posting end date.
At NiSource, you'll be part of the team serving nearly four million customers throughout the Midwest and Mid-Atlantic, who count on us to energize their homes and businesses. Whether speaking with customers by phone, analyzing financial data or installing new gas lines in a neighborhood, you’ll meet exciting challenges each day and make the most of your skills and talents. And you’ll be part of a company that was named by Forbes magazine as one of America’s Best Large Employers.
We're looking for talent from all backgrounds. We invite candidates of all abilities to come as they are and do what they love. Through our years of successful growth, we’ve stayed true to our roots by making a difference in the lives of millions of our customers. If you’re interested in joining an inclusive, innovative company that fosters opportunity for growth, NiSource might be the place for you.
Job tags
Salary
