Job Title: Cyber Risk Analyst – Senior
Duration: 5 Months +
Location: Columbus, OH (2 days a week)
Payrate : 52$/ hr on W2 (Locals only)
US Citizens only
Description:
Qualifications
HYBRID ROLE –
- Must report onsite 2 days a week. Starting September 1st must report onsite 3 days a week. Candidates must be local in Columbus area. MUST BE US CITIZEN Job Summary: Develop, maintain, and execute the NiSource Cyber Assessments program, also known as Third Party Risk Management (TPRM), and Technology support. Cyber Assessments include Supplier / Vendor Control Assessments using both Archer / Fortress platforms and coordinating Supplier assessments such as inherent risk rank and Control assessments to provide transparency into NiSource's Third Party Risk Profiles. Technology support focuses on our enterprise Archer TPRM application and Fortress platform. The Cyber Assessments, Lead TPRM Monitoring and Reporting Analyst will work collaboratively with numerous teams including NERC CIP Compliance, Pipeline Compliance, Innovation, Supply Chain and the business to educate and inform business partners of Third Party Risk Profiles.
- This role is responsible for managing and reporting on Third Party Cyber Risks by maintaining risk profiles, tracking supplier issues and exceptions, and using tools to create reports, dashboards and metrics. Works closely with the Director of Cyber Compliance, the Manager Cyber Assessments, the Manager(s) Cyber Compliance, and others as needed to ensure that all assessment results are addressed and leverages Fortress and Archer and adoption of the program. Key outcomes for success include
Responsibilities
- Essential Responsibilities: Perform routine assignments in the Cyber Assessment Analyst job band, under the direction of the Director of Cyber and the Manager Cyber Assessments Work closely with the business, OT, IT, and Cyber and Service Providers to perform and/or support TPRM and Cyber Assessment processes Assist in driving the implementation of the roadmaps for Cyber Assessments, Archer, and Fortress Control Assessments Assist in executing the Cyber Assessment (CA) program, ensuring a methodology is used and communicated relative to when a Cyber Assessment is performed, risks are mitigated, results are communicated, and metrics are produced supporting the program.
- Executes or assists others in executing Cyber assessments supporting the business, Cyber, IT, OT, and the Innovation line of business ensuring Supply Chain processes are adhered to. Reviews must meet stated objectives, budget requirements, timeline requirements and reporting/readout requirements Supports and strives to be knowledgeable relative to Fortress Control Assessments, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to NiSource Supports and strives to be knowledgeable relative to Archer, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to NiSource; Serves as an Archer ambassador across NiSource as to capabilities and expanded adoption Assist in audit/issues tracking and resolution for processes related to Cyber Assessments as requested Advance the use and adoption of Archer RSA to maintain and manage risk, compliance, and policy monitoring and tracking
Minimum Qualifications:
- Bachelor's Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts 6+ years' TPRM experience in varying support functions
- 6+ years of experience with Vendor Control Assessments, SOC2 reports and metrics In-depth experience with TPRM processes, reporting and metrics Knowledge of TPRM components, trends, and best practices. Solid skills with computers, operating systems, and software (MS Office 365 suite of products) and ability to learn new technical concepts quickly.
- Analytical abilities, including process analysis and development, problem solving and root cause analysis. Teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills. Willing to travel up to 10% to NiSource business unit or other locations, as needed.
- Involvement in multiple process improvement initiatives Good written and verbal communication Demonstrated participation in successful delivery of TPRM projects Can work independently in multiple functional domains with minor assistance Solid understanding of NIST 800 CSF.
- NiSource business operations knowledge Working knowledge of the gas and electric utility industry; additional experience a plus Information Technology Infrastructure Library (ITIL) V4 certification a plus Preferred Additional Qualifications for Position Demonstrated experience in Microsoft Excel and Word Demonstrated experience in SharePoint Demonstrated experience in Reporting / Analytics Experience using Archer GRC tool
