National Grid IS Compliance Analyst - Energy Service Companies (ESCO) in Waltham, Massachusetts

*About the position:*

National Grid is seeking a candidate to support a new regulatory requirement. This position will be part of the overall Governance, Risk and Compliance team within National Grid's Digital Risk and Security team. The successful candidate will support and manage the data security agreements associated with NY state energy service companies (ESCOs). The candidate will complete security assessments and identify control deficiencies to ensure compliance with internal controls, policies and procedures, conduct independent assessments of third-party responses, and provide assurance related to responses and security controls related to ESCOs.

_Job Duties:_

  • Establish and maintain relationships with key stakeholders

  • Process Data Security Agreements and create profiles in Archer for related ESCO

  • Identify gaps in security measures related to ESCO responses

  • Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation.

  • Verify the design and effectiveness of controls to secure information system assets, including people, processes and technologies.

  • Prepare reports by collecting, analyzing, and summarizing information

  • Prepare regular status reports for internal management

  • Communicate findings by preparing a final report; discussing findings with auditees and documenting results

  • Communicate findings with the IS risk team to coordinate findings, develop action plans based on risks and confirm that appropriate steps are taken to close out findings.

  • Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.

  • Contribute to team effort by accomplishing defined objectives

  • Work with third party service providers to evaluate control design and operating effectiveness.

  • Work with internal stakeholders, including regulatory, legal and IS to build and maintain relationships and deliver value.

  • Others as Required

_Knowledge & Experience Required_:

  • Bachelor’s Degree Required

  • CISA – Preferred

  • CRISC – Preferred

  • CISM – Preferred

  • Archer GRC (Preferred)

  • Understanding of assessing third-party service providers and associated risks

  • Understanding of SSAE 16, ISAE 3402, SOC 1, SOC 2 and AUP reports and principles

  • Strong Presentation Skills

  • Knowledge of control frameworks (COSO, COBIT, ISO, UCF, NIST) a plus

  • Willing and able to travel (10%)

This position has a career path which provides for promotional opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills.

//National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.//

Job: IS Digital Security & Risk

Organization: IS Digital Security & Risk

Title: IS Compliance Analyst - Energy Service Companies (ESCO)

Location: MA-Waltham

Requisition ID: 20182940