IT Analyst/ITEngineer SCADA Maintenance, Security & Compliance
This job is no longer active.
View similar jobs.
POST DATE 8/11/2016
END DATE 11/29/2016
JOB DESCRIPTIONJOB DESCRIPTION
IT ANALYST/ITENGINEER SCADA MAINTENANCE, SECURITY & COMPLIANCE
JOB ID 20162598 DATE POSTED 08/10/2016 Description
ABOUT THE POSITION:
The National Grid Service Delivery CNI department has an opening in the Gas SCADA group to support activities associated with the maintenance, monitoring, and security compliance of the Gas SCADA system. This position will have primary responsibility to support tools used to monitor system health, configuration management, and system security to ensure the compliance with NERC CIP standards and corporate policies. The position will also support day to day activities associated with the maintenance of the Gas SCADA system.
POSITION RESPONSIBILITIES (INCLUDING BUT NOT LIMITED TO):
* Utilize and maintain automated software tools such as Solar Winds, Sourcefire, Tripwire, Nessus, Skybox, and Lancope products.
* Monitor and maintain the overall health of the gas SCADA system including workstations, servers, communications equipment and application software.
* Ensure that configuration and change management processes are documented accurately and actions taken are compliant with National Grid policies.
* Ensure that tools accurately discover and inventory appropriate devices.
* Ensure all existing and newly added devices have an accurate baseline.
* Monitor device changes, investigate and document change reasons. Create security incidents for unauthorized changes.
* Ensure device logging is active and forwarding properly to the appropriate repository.
* Ensure log retention is consistent with regulatory standards.
* Tune whitelisting rules as required to support required application activity.
* Coordinate with the GMS support staff and application vendors, including GMS vendors, to evaluate patches.
* Develop, maintain and retain reports as necessary to demonstrate compliance with configuration and change management regulations.
* Conduct periodic vulnerability assessments. Ensure vulnerabilities are documented, develop remediation plans and track activities to completion.
* Serve as the subject matter expert for configuration and change management in assessments and audits.
* Work cooperatively with other NERC CIP Compliance analysts, cross-train in additional compliance activities and serve as a backup as necessary.
* Participate in department and/or cross-functional teams to complete special projects or assignments as requested
* Participate in team meetings and conference calls to ensure awareness of ongoing activities and priorities.
* Respond to major incidents as part of a team.
* Participate in an on call rotation, providing after-hours and storm support when required.
* Occasional travel to support GMS in other regions or attend training and conferences.
KNOWLEDGE & EXPERIENCE REQUIRED:
* Bachelor's degree in computer science or any engineering discipline.
* Must possess strong writing, verbal communication and documentation skills and the ability to achieve and communicate with a sense of urgency
* Ability to work with a variety of personnel and be conversant with both technical and business-oriented personnel
* Competency with network security and information security concepts and technologies
* Ability to meet pressured deadlines, time constraints and periodic requirements
* Demonstrated ability to develop long-range program plans, set goals and objectives, and decisions on program priorities and analyze program effectiveness
* Experience with Windows operating systems.
FAMILIARITY WITH THE FOLLOWING IS DESIRABLE:
* Intrusion Detection
* Patch Management
* Change Management
* Configuration Management
* Incident management response
* Risk assessment methodologies
* Information protection (including information classification)
* Disaster recovery planning
* General industry process control security standards
* Identity and access management
* Intrusion detection and prevention
* Secure network architecture
* NERC CIP 002-011 Standards
* The Standards of Good Practice for Information Security
* Microsoft Excel and Access
This position will report to the manager of GMS in the CNI organization. The position is located in Northborough, MA. Periodic interface with Internal Audit will be required to support audit and compliance activities. Entry level candidates will be considered.
NATIONAL GRID IS AN EQUAL OPPORTUNITY EMPLOYER THAT VALUES A BROAD DIVERSITY OF TALENT, KNOWLEDGE, EXPERIENCE AND EXPERTISE. WE FOSTER A CULTURE OF INCLUSION THAT DRIVES EMPLOYEE ENGAGEMENT TO DELIVER SUPERIOR PERFORMANCE TO THE COMMUNITIES WE SERVE. NATIONAL GRID IS PROUD TO BE AN AFFIRMATIVE ACTION EMPLOYER, COMMITTED TO PROVIDING EQUAL OPPORTUNITY TO EMPLOYEES AND APPLICANTS FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, CREED, NATIONAL ORIGIN, ANCESTRY, ALIENAGE OR CITIZENSHIP STATUS, GENDER, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, AGE, PHYSICAL AND MENTAL DISABILITY, MARITAL STATUS, VETERAN STATUS, PREDISPOSING GENETIC CHARACTERISTICS, OR ANY OTHER FACTOR PROTECTED FROM DISCRIMINATION UNDER MUNICIPAL, STATE, OR FEDERAL LAW. WE ENCOURAGE ALL INTERESTED, QUALIFIED PERSONS TO JOIN THE NATIONAL GRID TEAM.
:IS Service Delivery
:IS Service Delivery
:Aug 10, 2016, 9:20:30 AM