Share this Job

Senior Cyber Compliance Analyst

Date: May 8, 2021

Location: RICHMOND, VA, US, 23219

Company: Dominion Energy

At Dominion Energy we love our jobs.  That’s right.  Love.  Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate.  These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever.  We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent?  Do you think differently?  Do you want to fall in love with your job? If you answered “yes,” then read on!

At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.

This position does not offer relocation assistance. 

Job Summary

The position is responsible for aggregating and conveying information protection compliance obligations for Service Company stakeholders and Business Areas and developing monitoring programs to ensure the obligations are met.   

Specific job responsibilities include the following:

  • Maintains the cyber regulatory compliance program for processes, applications and systems across business units.
  • Leveraging cyber security best practices and detailed understanding of cyber regulatory requirements, this role defines guidance for how compliance is achieved, provides governance and oversight to the entire program; can provide technical guidance or evaluation of technical procedures towards achieving compliance; reduces or eliminates of audit findings; implements changes and ensures compliance with all regulatory requirements.
  • Can lead and participate in compliance-related projects requiring advanced knowledge of regulatory requirements as well as knowledge of appropriate security architecture, technology best practices and business area requirements, limitations and unique system implementations.
  • Ensures effective compliance processes and procedures are implemented for systems and applications.
  • Evaluates processes for failure points and implements controls to mitigate those potential failures.
  • Completes compliance-related data requests, investigates failures or breakdowns in processes and develops of plans for remediation or prevention of future incidents.
  • Identifies opportunities for strengthening compliance controls proactively.
  • Raises awareness of current and upcoming policies, regulations, and requirements, and develops solutions for compliance.

Performs other duties as required.  23261





Required Knowledge, Skills, Abilities & Experience

5 to 7 years of compliance experience. (Note:  A Master's degree will count as one year towards the experience requirement.  A partial year of six months or more of experience will be rounded up to one year)

Specific knowledge, skills, abilities and experience include:

  • Experience with implementing or auditing security controls identified in NIST SP800-171 and NIST SP800-53A is critical to success in this position
  • Experience and understanding of FISMA, FARS, DFARS, CUI, CMMC.
  • Previous experience creating and updating cyber & human performance controls for compliance requirements.
  • Experience working with internal and external auditing firms.
  • Experience in writing procedures and policies.
  • Experienced translating procedures into operational steps.
  • Root cause analysis understanding and/or training.
  • Human performance failure analysis training and/or understanding.
  • Understands IT Technology and Business Technology as required to successfully design and implement a compliance program.
  • Understands current security architecture best practices.
  • Understands current cyber security best practices.
  • Possesses the drive to independently learn and become an expert in the evolving regulatory landscape and how that maps to an evolving Dominion Energy IT and business technology landscape.

The company is actively seeking United States military veterans and service members who meet the qualifications outlined below.

  • Military service members and veterans with ranks from E5-E9, W1-CW5, or O3-O6, plus appropriate equivalent combination of education and years of experience as outlined above.

Education Requirements

Degree or an equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education: Bachelor


Preferred Disciplines: Computer Science; Information Systems; Information Systems Security; Information Technology

Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description

Preferred but not required:  CFCP, CISA, CISM

Working Conditions

Office Work Environment 76 -100%
Travel Up to 25%

Other Working Conditions

Test Description

No Testing Required


Export Control

Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law.  Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.


Other Information

We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more.   To learn more about our benefits, click here

Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.  

You can experience the excitement of our company – it's the difference between taking a job and starting a career.

Nearest Major Market: Richmond

Job Segment: Information Systems, Computer Science, Information Security, Technology