Security Analyst
12 Month Contract (Potential for extension)
Hybrid schedule in Jacksonville Florida (2-3 days a week onsite)
The Security Analyst – GRC is responsible for monitoring, evaluating, and supporting enterprise cybersecurity and regulatory compliance operations across integrated Information Technology (IT) and Operational Technology (OT) environments within the utility sector.
This position occasionally requires after-hours support to assist project teams and perform assigned tasks, minimizing interruptions to core business operations.
Responsibilities
• Assist with third-party risk assessments, vendor security review documentation, and contract reviews to ensure regulatory and data protection compliance.
• Serve as a resource to develop, maintain, and enforce security policies, standards, and procedures.
• Conduct risk assessments, security posture assessments, process reviews, or security testing, and coordinate remediation efforts.
• Maintain GRC documentation including risk registers, control matrices, and incident logs.
• Produce technical documentation for regulatory reporting and internal tracking.
• Support audit readiness by managing audit evidence collection and documentation for internal and external regulatory audits (NERC CIP, HIPAA, PCI-DSS).
• Collaborate on the implementation and monitoring of security controls.
• Monitor regulatory updates and advise on compliance program enhancements.
• Assist in maintaining compliance assurance and audit of regulatory security controls with NERC CIP, FERC, and other utility regulations.
• Support internal and external audits by gathering evidence and responding to compliance inquiries.
• Participate in awareness campaigns and deliver security training sessions.
• Develop and maintain awareness materials and dashboards to communicate cybersecurity practices (e.g., via SharePoint).
• Analyze trends in security events to enhance situational awareness and operational readiness.
• Maintain and update asset inventories, control mappings, and configuration baselines.
• Validate implementation of layered security controls and monitoring systems.
• Act as a liaison between internal teams and external auditors and vendors.
• Escalate unique or unresolved issues to senior staff.
• Participate in special projects and ongoing professional development.
Qualifications
Demonstrated understanding and application of required knowledge, skills, and abilities under general supervision.
Knowledge of:
• Network and systems architecture supporting utility operations, including ICS/SCADA environments
• Regulatory frameworks and standards: NIST Cybersecurity Framework, NERC CIP, Critical Security Controls (CSC), PCI, FACTA, HIPAA, FERC, and DOE guidelines.
• Operating systems, network/system architecture, protocols, and services.
• Risk management methodologies and audit lifecycle procedures
• ITIL principles and service management best practices
• Governance, Risk & Compliance (GRC) platforms and policy documentation systems
Skill in:
• Supporting security solutions that protect IT and OT infrastructures
• Using cloud services and platforms (e.g., SaaS/O365, PaaS, IaaS via AWS and Azure)
• Conducting vulnerability assessments and implementing remediation strategies.
• Writing and applying scripts (Python, PowerShell, Regex) for security automation.
• Identifying and mitigating threats, vulnerabilities, and malware relevant to utility environments.
• Integrating cybersecurity controls into development lifecycles and change management processes.
• Producing and interpreting audit logs with SIEM tools in utility settings.
• Assisting with software updates and patch deployments.
• Interpreting regulatory language and applying it to technical controls.
• Organizing audit activities and preparing supporting documentation.
• Developing reports, dashboards, and documentation using SharePoint or similar tools.
• Using Microsoft Office Suite (Excel, Word, PowerPoint, Outlook)
• Communicating findings effectively across technical and business audiences.
• Critical Thinking: Assesses information for accuracy and relevance, challenges existing practices, and evaluates short- and long-term impacts of decisions on systems and outcomes.
• Managing Conflict: Proactively addresses potential disagreements, remains neutral and solution-focused, and seeks compromise through common ground.
You will receive the following benefits:
- Medical Insurance - Four medical plans to choose from for you and your family
- Dental, Orthodontia, and Vision Benefits
- Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance
- 401(k) with pre- and post-tax options
- Paid Sick Time Leave
Motion Recruitment Partners is an Equal Opportunity Employer, including disability/vets. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.