About the Role:
A big utility company is seeking a Cyber Security Controls Assessor to support IT compliance efforts through the evaluation, validation, and assessment of general computer controls (GCCs) across a variety of platforms. This is a critical role ensuring systems and processes align with industry standards and regulatory requirements such as NIST, SOX, and NERC CIP.
Top Priorities:
- Strong control testing and audit assessment skills
- Excellent communication and problem-solving capabilities
- Experience interpreting security frameworks and managing risk and compliance
Responsibilities:
- Conduct multi-platform IT control assessments and evidence reviews (apps, OS, DB, network, etc.)
- Execute compliance reviews using NIST SP 800-53, SOX, and other frameworks
- Analyze IT policies and procedures to identify control points
- Evaluate risks and propose remediation for control deficiencies
- Partner with control owners to ensure accurate documentation
- Retest and validate remediated controls
- Support the Compliance Manager and other related functions as needed
Qualifications:
Minimum Requirements:
- Bachelor’s degree in Computer Science, Business, or related field
- 3+ years in IT, including security or risk management
- Proficiency in Excel (workbooks, formulas)
- Experience managing multiple projects with competing priorities
- One valid certification such as:
  - CISA, CRISC, CISSP, CIA, or CCNA
Preferred Qualifications:
- Utility industry or Big 4 consulting experience
- Experience with NIST SP 800-53 or SOX
- Additional certifications a plus:
  - CEH, ITIL, MCP/MCSE, CCNP, CISM, PMP
Skills & Competencies:
- Strong analytical and communication skills
- Understanding of IT systems, application, and network security
- Knowledge of GCCs, COBIT, ITIL, SOX, and NERC CIP
- Ability to identify complex control gaps
- Highly organized and detail-oriented
- Ability to work independently in a fast-paced remote environment
Equipment Requirements:
- Personal computer or vendor-issued laptop with audio/mic setup (VDI support provided)
- Camera optional
Apply now if you’re ready to make an impact in cybersecurity compliance for a major utility organization!