Loading...
Share this Job

Senior Compliance and Risk Analyst

Apply now »

Date: Feb 19, 2021

Primary Location: Juno Beach, FL, US, 33408

Company: NextEra Energy

Our reliability is one of the best in the nation, and we’re working to make it even better. We live here too. That’s why we’re committed to making Florida a better place. Join our team today Learn more

 

Position Specific Description

This position will serve as a Senior Compliance & Risk Analyst. This position will assist in planning, developing and implementing a comprehensive security program. This position will support the compliance efforts to applicable federal and state laws, and regulations such as (but not limited to): North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards / Requirements, Maritime Transportation Security Act (MTSA), and Chemical Facility Anti-Terrorism Standards (CFATS).  

 

Desired Qualifications:

  • Bachelor’s degree in Engineering, Computer Science, Management of Information Systems, or any other related field of study and five (5+) or more years of experience in research, analysis, and intelligence.
  • Excellent verbal, written, communication, and time management skills.
  • Demonstrated skills leading and collaborating with others.
  • Demonstrated critical thinking skills and out-of-the-box-thinking.
  • Experience working in an environment that requires executing processes and procedures in place to ensure regulatory compliance
  • Knowledge of common computer applications and operating systems programs including windows based software such as Power Point, Adobe Acrobat, Word, Excel, and SharePoint.  
  • Experience with NERC standards, auditing or risk management.
  • Expereince with regulatory compliance standards / requirements (both cyber & physical).
  • Experience with building / performing assessments of internal control frameworks.
  • Knowledge of MTSA and CFATS regulatory requirements.
  • Completion of the following certifications CISSP, CISA, CPP, PSP, or GAIC - GCIP.
  • Works under very tight requirements and deadlines.
  • High standard of integrity and reliability.

 

Core Duties and Responsibilities

  • Assist in the performance of activities and collection of data to maintain corporate compliance with mandated cyber security regulations, particularly cyber / physical security regulations associated with NERC, MTSA, and CFATS.
  • Review the implementation, documentation, testing, and monitoring of security solutions and associated security compliance regulations.
  • Assist in the development, review, and update of appropriate policy, procedure, and standards to maintain corporate compliance with mandated cyber security regulations associated with NERC.   
  • Assist in the development of processes to identify, quantify, analyze, and report NERC CIP compliance status.
  • Participate in internal auditing activities performed for NERC CIP compliance verification and develop a system of associated metrics for periodic reporting.
  • Provide assistance to appropriate business units and stakeholders as it relates to NERC CIP, MTSA m and CFATS compliance activities and requirements for demonstrating compliance with mandated security regulations.
  • Assist with training, including training material development and deployment to ensure that compliance becomes a sustainable business practice.
  • Gather and prepare documentation to support audits, self-assessments, data requests, etc.
  • Impart guidance and direction to personnel and ensure the accuracy, consistency and standardization of all work products.   

 

Job Overview

This job supports teams facilitating internal solution development across business units, to align Cybersecurity risk, leading technology solutions, and user experience. This position is responsible for various aspects of achieving compliance of cybersecurity including developing, implementing and enforcing IT policies, standards, methodologies and awareness using a risk based approach. Employees in this role develop a deep understanding of NextEra’s technology footprint, technology strategy, threat landscape and risks, to establish a collective Cyberstrategy.

Job Duties & Responsibilities

  • Builds processes and tools to provide the business visibility of cybersecurity risks and drive accountability
  • Develops and maintains policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate cyber risk while maintaining corporate compliance with mandated security regulations
  • Assesses and reviews security and controls to ensure sustainable regulatory compliance
  • Develops processes and monitoring to identify, quantify, analyze, and report risk and compliance status
  • Coordinates cyber risk management efforts including identification, assessment, tracking and resolution of risk management activities across all levels of the organization
  • Assists with training, including training material development and deployment to ensure that compliance and risk becomes a sustainable business practice
  • Gathers and prepares documentation to support audits, self-assessments, data requests, etc.
  • Performs other job-related duties as assigned

Required Qualifications

  • High School Grad / GED
  • Bachelor’s or Equivalent Experience
  • Experience: 5+ years

Preferred Qualifications

  • Bachelor’s Degree
  • Certified Information Systems Aud (CISA) certification
  • Project Management Professional (PMP)
  • Six Sigma Green Belt Certified

 

Employee Group:  Exempt
Employee Type:  Full Time
Job Category:  Information Technology
Organization:  Florida Power & Light Company 
Location:  Juno Beach, Florida 
Other Work Locations:  Florida 
Relocation Provided:  No

 

NextEra Energy is an Equal Opportunity Employer. Qualified applicants are considered for employment without regard to race, color, age, national origin, religion, marital status, sex, sexual orientation, gender identity, gender expression, genetics, disability, protected veteran status or any other basis prohibited by law. We are committed to a diverse and inclusive workplace.

If you require special support or accommodation while seeking employment with NextEra Energy, please send an e-mail to recruiting-coordinator.sharedmailbox@nexteraenergy.com, providing your name, telephone number and the best time for us to reach you. Alternatively, you may call 1-844-694-4748. Please do not use this line to inquire about your application status.

NextEra Energy will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

NextEra Energy does not accept any unsolicited resumes or referrals from any third-party recruiting firms or agencies. Please see our policy for more information.

#LI-DS1 


Nearest Major Market: Palm Beach
Nearest Secondary Market: Miami

Job Segment: Sustainability, Energy