Job Info
- Location: Vancouver, Washington
- Type: Contract
- Job #7905
Overview: ACS Professional Staffing is looking for an employee to work on-site with our client. This Business Systems Analyst 3 position serves as an analyst for the development and implementation of varied and complex operational cybersecurity and compliance practices for Transmission systems. This role works in close collaboration with the technical subject matter experts to develop and monitor strategic regulatory compliance, cyber security, and IT/OT programs. This position will also provide analytical support to FISMA/NERC-CIP assessments and authorizations, including reviewing and suggesting security controls to meet NIST 800-53. This position will work closely with internal and external customers to provide business process development and support, aligned with company and organizational goals, priorities, and any Key Strategic Initiatives (KSIs). This position concentrates on collecting and analyzing data, analyzing workflow, and developing information and documents to support process analysis and decision-making frameworks in the completion of assessments and documentation for regulatory compliance and audit review. The Business Systems Analyst will work with internal business stakeholders and facilitate gathering and analyzing information using standard tools and approaches, or developing new ones when needed, to clarify business operations and functions, document and map current and future states, perform gap analysis, identify solution alternatives, evaluate the alternatives, provide weighted recommendations, and develop / draft associated processes and procedures for management-approved direction. Additionally, the position will provide technical expertise, support, and assistance to more junior personnel and department co-workers on a variety of ad hoc and formal projects and programs requiring policy/procedure/process analysis.
This full-time position is located in Vancouver, WA.
Pay range: $48.59 - $69.42
Benefits:
- Paid holidays: 11
- PTO: Starting at 10 days
- Sick Leave: Up to 56 hours per year (prorated based on start date)
- EAP: Employee Assistance Program
- Benefit Options Available: Medical, Dental, Vision, FSA, DCA, LPFSA, HSA, Group Life/AD&D, Voluntary Life/AD&D, Voluntary Short-Term Disability, Voluntary Long-Term Disability, Voluntary Critical Illness, Voluntary Accident, 401k (immediately eligible for employee and employer contributions - employer match up to 4%)
- Other benefits include the following: Calm App, Access Perks
Responsibilities:
- Reliability Compliance:
- Provide monitoring, review, analysis and support for the Security Management Program - verifying compliance evidence is collected in a timely manner and that information is reliable, consistent, and useful, providing recommendations for improvement as necessary.
- Serve as a process point of contact for the organization.
- Provide recommendations to management to mitigate, comment on, or provide further review for NERC and WECC proposed rulemaking and policies.
- Utilize TT's library publishing process to verify documentation is up-to-date and of adequate quality; perform data tracking. Make recommendations for changing/enhancing organization and information navigation in TT's library structure.
- Identify and engage subject matter experts regarding programmatic cybersecurity, compliance, and conclusion of assessments for completion set by current timetables for regulatory compliance.
- At the direction of Management, draft and recommend processes and procedures to support NERC Mandatory Reliability standards and DOE NIST/FISMA security requirements for review and approval by management. Final documents will be reviewed and approved by staff.
- Assist in development of training materials and job aids to support above.
- Support the development of documentation necessary for reporting and audit requirements.
- With oversight of the manager/staff, provide quality assurance support to verify that vetted and established compliance standards and guidelines are followed, alert manager of any noted concerns or potential issues.
- Provide support to NERC annual certification process and any other spot audit or compliance requests.
- Draft and recommend procedures to accomplish reliability compliance tasks for review and approval by management. Assist managers with the promotion and implementation of approved recommendations and/or adopted procedures.
- Provide support to management / staff in audits by providing technical expertise, data call response coordination and data gathering. All materials related to audit responses must be reviewed by management / staff.
- Participate as a technical member of the team performing cyber security reviews and analysis. With oversight of the manager/staff, work with the team to develop and recommend cyber strategies and action plans to improve the team's cyber security maturity.
- Provide expert-level insight on cyber security best practices and architecture for data center operations. Review process and procedure documentation to identify gaps and potential improvement areas. Develop reports, graphs and other informational materials to present and support improvement recommendations for management review and approval.
- Provide program support to the Performance Analysis manager, including:
- Technical writing and coordination: Draft initial System Security Plans (SSPs) and work with resource managers to finalize SSP for Authorization to Operate (ATO) certification. Validate that Plan(s) of Action and Milestones are linked to asset strategies. All drafted materials must be reviewed and finalized by management / staff.
- Time management: Provide primary monitoring of key POAM milestone efforts and mitigation efforts dealing with compliance. Verify that these efforts contribute to the asset strategies.
- Reporting on performance and accomplishments: Monitor Technical Feasibility Exceptions (TFE) and verify TFEs are updated and retired in a timely manner.
- Data Call and Survey Coordination:
- Provide direct support for data calls and industry surveys. This may entail review and analysis of existing documentation and any new/changing requirements, enlistment of appropriate subject matter expert input, and drafting of responses. All drafted materials related to responses must be reviewed and edited by management / staff.
- Organize, monitor, review, and report on performance / metrics pertaining to data call artifacts collection and processes.
- Maintain and update process artifacts, verifying they are up-to-date and of adequate quality (reliable, consistent, and useful).
- Security Management Program Support:
- Provide visibility to managers of security related matters, their status and any potential issues or threats. Communicate concerns and recommendations regarding the assessment results and attempt to provide a consistent framework and architecture for security decision making.
- Provide expertise and recommendations to guide the implementation of security best practices.
- Review current and/or develop new processes and procedures needed to reduce cyber security flaws and compliance violations.
- Review and interpret respective DOE orders, manuals, policies, and standards and evaluate their inclusion and impact in the respective Transmission Technology (TT) environment.
- Develop and maintain a baseline of implemented company security policies for all components of the Transmission Technology (TT) infrastructure.
- Review, interpret, and maintain Interconnect Security Agreements (ISAs) with company partners.
- Oversight/monitoring/verification of ports and services, security patch management, malicious code prevention, security event monitoring, and system access control.
- Interpret and recommend alignment of FISMA policy and standards with NERC-CIP policy and procedures.
- Review and interpret various NIST standards to help modernize current processes, procedures, and configurations to meet the ever-changing cyber security demands.
- Review and interpret various governmental policies, such as DOE Directives, CISA Directives, etc., to determine the potential impact to TT systems and assist in the development of a solution to meet these demands.
Requirements:
- A degree in Business Administration, Management, Organizational Development, Accounting, Engineering, Computer Science or a directly related discipline is preferred.
- With an applicable Associate's degree, 10 years of experience is required.
- With an applicable Bachelor's degree, 8 years of experience is required.
- Without an applicable degree, 12 years of experience is required.
- Experience should be consistent with the specific requirements of operations analysis and progressively more technical in nature.
- Experience evaluating the adequacy and existence of IT security controls.
- Experience implementing and adhering to cyber security standards, knowledge of the application of Cyber Security practices such as NIST.
- Experience with the following:
- IT Monitoring/Reporting tools (e.g., SNMP, Tripwire, Nessus, NMAP, Splunk, SolarWinds).
- Trouble ticket/change request tools and processes, IT asset, and/or configuration management suites.
- Intermediate level proficiency in MS Excel 2016 sufficient to provide dashboard metrics in a variety of formats including charts and graphs using macros and pivot tables.
- Proficiency in automated data systems to include SharePoint and Visio and a high degree of efficiency in technical dynamics of software output (e.g. use of advanced printing such as to plotters, capabilities of cross-software embedding for purposes of presentations, technical webinars, etc.).
- Experience devising methods to automate testing activities and streamline testing processes.
- Experience with Linux and Windows operating systems.
- Experience implementing and adhering to NERC-CIP regulatory standards of compliance and documentation.
Work sponsorship is not available at this time. Third-party candidates will not be considered for this position.
Because we are a federal government contractor, we have special restrictions placed on us for hiring foreign nationals into certain key positions within the company. This particular position requires U.S. citizenship.
ACS Professional Staffing will provide equal employment opportunities to all applicants without regard to the applicant's race, color, religion, sex, gender, genetic information, national origin, age, veteran status, disability status, or any other status protected by federal or state law. The company will provide reasonable accommodations to allow an applicant to participate in the hiring process if so requested.
If you have any questions about the job posting, please contact recruiting@acsprostaffing.com
If you have any questions about our Reasonable Accommodation Policy, please feel free to email hr@acsprostaffing.com
This job has expired.