National Grid IS Compliance Analyst - Energy Service Companies (ESCO) in Waltham, Massachusetts
*About the position:*
National Grid is seeking a candidate to support a new regulatory requirement. This position will be part of the overall Governance, Risk and Compliance team within National Grid's Digital Risk and Security team. The successful candidate will support and manage the data security agreements associated with NY state energy service companies (ESCOs). The candidate will complete security assessments and identify control deficiencies to ensure compliance with internal controls, policies and procedures; conduct independent assessments of third-party responses; and provide assurance on the responses and security controls related to ESCOs.
Establish and maintain relationships with key stakeholders
Process Data Security Agreements and create profiles in Archer for the related ESCO
Identify gaps in security measures related to ESCO responses
Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation.
Verify the design and effectiveness of controls to secure information system assets, including people, processes and technologies.
Prepare reports by collecting, analyzing, and summarizing information
Prepare regular status reports for internal management
Communicate findings by preparing a final report; discussing findings with auditees and documenting results
Communicate findings with the IS risk team to coordinate findings, develop action plans based on risks and confirm that appropriate steps are taken to close out findings.
Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
Contribute to team effort by accomplishing defined objectives
Work with third party service providers to evaluate control design and operating effectiveness.
Work with internal stakeholders, including regulatory, legal and IS to build and maintain relationships and deliver value.
Others as Required
_Knowledge & Experience Required_:
Bachelor’s Degree Required
CISA – Preferred
CRISC – Preferred
CISM – Preferred
Archer GRC (Preferred)
Understanding of assessing third-party service providers and associated risks
Understanding of SSAE 16, ISAE 3402, SOC 1, SOC 2 and AUP reports and principles
Strong Presentation Skills
Knowledge of control frameworks (COSO, COBIT, ISO, UCF, NIST) a plus
Willing and able to travel (10%)
This position has a career path which provides for promotional opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills.
//National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.//
Job: IS Digital Security & Risk
Organization: IS Digital Security & Risk
Title: IS Compliance Analyst - Energy Service Companies (ESCO)
Requisition ID: 20182940