Job Post: Senior Security Compliance Analyst (IT)

SENIOR SECURITY COMPLIANCE ANALYST

Reports to: Manager, Information Systems Security Send CV to hr@ercot.com  FLSA Status: Exempt The CompanyThe Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 20 million Texas customers – representing 85 percent of the state’s electric load and 75 percent of the Texas land area. As the independent system operator for the region, ERCOT schedules power on an electric grid that connects 38,000 miles of transmission lines and more than 500 generation units.  ERCOT also manages financial settlement for the competitive wholesale bulk-power market and administers customer switching for 5.9 million Texans in competitive choice areas. Austin AreaAustin is the capital of Texas and is situated in the central part of the state referred to as the “Hill Country.”  This city is known as the “Live Music Capital of the World,” is the home of University of Texas Longhorns and has the best Tex-Mex and barbeque restaurants on the face of this earth.  Austin and its surrounding communities enjoy mild winters and the cost of living there compares favorably to many other parts of the US. Summary of Responsibilities

Gathers and organizes security compliance information on a schedule determined by security management. Ensures the accuracy of the information within the security department and with other business units as appropriate.  Works to streamline and automate the processes of gathering compliance and metrics information.  Responsibilities include but are not limited to ensuring compliance through Information Security Policies and repeatable compliance process; providing trend and metrics templates that report on ERCOT’s security and compliance posture; supporting the development, documentation, deployment, review and maintenance of Information Security Policies, Standards, Guidelines and Procedures; communicating Information Security Policies and providing process improvement recommendations.  May provide on–the-job training or oversee the work of other analysts.

Essential Job Duties

• Acts as security compliance reviewer for the company• Provides regular status reports to the ISSD Manager • Assists with IT security compliance reviews based on the ISO 17799 and NERC standards, using accepted evaluation practices• Conducts independent General Control and Application Control reviews and present unbiased opinions• Uses software tools to gather system configuration information and vulnerabilities• Identifies risk areas, and ensure that adequate controls are in place and operating effectively by using thorough testing methods• Assists with Risk Assessments on corporate assets using a formal methodology and recommend safeguards to mitigate risk• Communicates review findings to the ISSD Manager in a clear and concise method• Compiles and reports on security compliance metrics• Maintains current knowledge of security technology trends and hacker tools and methods• Maintains the confidentiality of review results and the status of the current security environment• Performs other duties as assigned. 

Job Competencies

• Functional/Technical Skills• Planning• Presentation Skills• Problem Solving • Written Communication 

Education

• Bachelor’s degree in Computer Science, Electrical Engineering or related field or six years applicable experience is required.

Licenses or Certification

• CISA, CIA, or CISSP certification preferred.  Microsoft or Unix certifications a plus.

Work Experience

• Minimum of 5 years (in excess of degree requirements stated above) of progressively responsible experience in IT analysis.

Physical Requirements

• Sedentary work.