Cyber Compliance Analyst/Sr. Cyber Compliance Analyst (TSA)

Job Summary

In support of the Company's TSA programs, this role maintains the cyber regulatory compliance program for business units' processes, applications, and systems. Using cyber security best practices and a deep knowledge of cyber regulatory requirements, this role:

• Provides guidance on how to achieve compliance, governs and monitors the entire program; can offer technical guidance or assess technical procedures for compliance; reduces or eliminates audit findings; implements changes and ensures adherence to all regulatory requirements.
• Can lead and participate in compliance-related projects that require advanced knowledge of regulatory requirements as well as knowledge of suitable security architecture, technology best practices and business area requirements, limitations, and unique system implementations.
• Monitors the implementation of compliance processes and procedures for systems and applications.
• Examines processes for failure points and implements controls to prevent those potential failures.
• Coordinates or completes compliance related data requests, investigates failures or breakdowns in processes and develops plans to fix or prevent future incidents.
• Proactively finds opportunities to strengthen compliance controls.
• Provides awareness of current and upcoming policies, regulations, and requirements, and collaborates with business and technical teams to develop an approach to achieve compliance.
• Perform other duties as requested or assigned.

Required Knowledge, Skills, Abilities & Experience

Cyber Compliance Analyst:  3 to 4 years of cyber or IT audit, compliance, or technology experience (Note: A Master's degree will count as one year of experience)
Senior Cyber Compliance Analyst:  5 to 7 years of cyber or IT audit, compliance, or technology experience (Note: A Master's degree will count as one year of experience)

Specific knowledge, skills, abilities and experience:

• Experience with TSA or other regulatory compliance is desired;
• Experience and understanding of Cyber regulatory standards and requirements;
• Previous experience creating and updating cyber & human performance controls for compliance requirements;
• Experience working with internal and external auditing firms;
• Experience in writing procedures and policies;
• Experienced translating procedures into operational steps;
• Root cause analysis understanding and/or training;
• Human performance failure analysis training and/or understanding;
• Understands IT Technology and Business Technology as required to successfully design and implement a compliance program;
• Understands current security architecture best practices;
• Understands current cyber security best practices;
• Possesses the drive to independently learn and become an expert in the evolving regulatory landscape and how that maps to an evolving Dominion Energy IT and business technology landscape.

Education Requirements

Degree or an equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education:  Bachelor

Preferred Discipline(s): Cyber Security, Computer Science; Information Systems; Information Systems Security; Information Technology

Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description

CISA, CISSP, CIA, etc.

Working Conditions

Other Working Conditions

Test Description

No Testing Required