1 Year Contract with downtown KC Utility Company!
Position Summary -
Responsible for specific assignments related to monitoring, testing and documenting information security controls.
AVERAGE DAY-TO-DAY: Coordinating and executing compliance administration tasks including but not limited to:
- Lifecycle management of compliance documentation for NERC CIP Standards, Sarbanes Oxley Standards, and other internal standards
- Performing weekly, monthly, quarterly and annual reviews to ensure compliance
- Working across the enterprise with various stakeholders as needed
- Ensuring the accurate creation and retention of evidence per standard/requirement on the appropriate schedule
- Ensuring the accurate compilation of evidence in preparation for any audit or spot check
- Scheduling and tracking process improvements, remediation or mitigation activities in support of the Information Systems Compliance organization
- Assisting current compliance analysts in scheduling tasks
- Reviewing evidentiary documentation
- Participating in various walk-through reviews
- Participating in program improvement efforts
REQUIRED QUALIFICATIONS:
- 1-3 years compliance experience
- Well organized, keeps detailed records
- The ability and willingness to work in a team environment to develop solutions
- Must be able to work in a team environment to analyze and suggest workable enhancements to the overall compliance effort of Information Systems Compliance within KCP&L
Objectives apply to NERC CIP Standards, Sarbanes Oxley Standards, internal information technology standards and internal Cyber Security Standards.
Duties and Responsibilities -
- Under general supervision, validate the effectiveness of generally accepted information security controls.
- Participate in the writing and execution of test plans as directed.
- With guidance, increase compliance awareness within the corporation by assisting in the design, development and presentation of training on all aspects of compliance.
- Identify possible compliance issues to information systems and supporting communication networks by testing controls.
- Assist with compliance investigations as directed.
- Contribute to the effectiveness of the compliance program by assisting with the documentation and implementation of departmental procedures.
- Aid in ensuring the compliance activities, functions, plans and recommendations meet the risk posture of the corporation and the goals and performance measurements of the Information Security and Compliance Department.
- Assist in ensuring corporate policies, standards and guidelines are being followed by helping with the coordination of compliance activities with other Information Security Analysts, Human Resources, departmental management and other departments.
- Help with specific assignments related to developing, implementing, documenting and monitoring compliance activities for Information Technology.
Skills, knowledge and abilities -
- Ability to communicate across the organization, including with outside counterparts in other businesses industry-wide.
- Responsible for the development and implementation of effective awareness activities that maintain a high interest from the participants.
- Maintains knowledge of new technologies and corporate information systems as they affect information security.
- Maintains knowledge of industry regulations and corporate policies and how they affect corporate information systems.
- Areas of special emphasis include, but are not limited to, NERC Critical Infrastructure Protection (CIP) Standards and Sarbanes Oxley (SOX) requirements.