Cybersecurity Risk & Compliance Analyst
Wärtsilä
- Herndon, VA
- Permanent
- Full-time
- Lead our cybersecurity compliance and documentation efforts as they relate to our Operational Technology (OT) products for power plants.
- Be our SME for all things security compliance, including compliance with IEC 62443 & SOC 2.
- Recommend tools to help us manage compliance (either self-hosted or SaaS-based), and help monitor their conclusions and address them to enhance our cybersecurity posture.
- Work closely with technical teams throughout the Energy Storage & Optimization organization to aid in compliance-related projects.
- Conduct internal audits, assess compliance gaps, and develop remediation plans to address deficiencies.
- Interface with customers, outside consultants, and auditors to coordinate handling of security issues.
- Create technical whitepapers and assist marketing & sales with promotional materials explaining our security measures, for customer consumption.
- Work with global sales teams to analyze and address regional cybersecurity standards and document how our products address them.
- Develop security policies, standards, and guidelines for our software development and operations teams to follow regarding security compliance.
- Stay up to date with changing requirements in cybersecurity and help us keep up with them.
- Help us refine our Software Development Lifecycle to ensure continuing security compliance.
- Demonstrated experience in implementing, auditing, or maintaining compliance with industry-standard frameworks. Five or more years of practical experience in cybersecurity, information security or compliance roles is strongly preferred.
- Sound experience and understanding of computer software and hardware, in both on-premises and cloud environments.
- Strong demonstrated skills in risk assessment, management and mitigation strategies, particularly including the ability to identify and address potential security threats and vulnerabilities.
- Strong attention to detail in documenting and tracking the company's adherence to customer cybersecurity requirements (focused on OT environments).
- Proficiency in various technical areas including network security, application security, encryption technologies, identity and access management, and security incident response.
- Capacity to work in a fast-paced, dynamic and highly technical environment.
- Willingness to stay up to date with the latest trends, technologies and best practices as the world of cybersecurity evolves.
- A bachelor's degree in computer science, information technology, cybersecurity, a related field, or equivalent combination of education & experience.
- Advanced degrees or certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are beneficial.
- Excellent verbal and written English communication skills are necessary for effectively communicating compliance requirements, audit findings, and remediation plans to stakeholders at all levels of the organization.
- Competitive salary and significant upside in your career path as we are growing fast.
- Dynamic, technology-centric working environment within an extremely focused team.
- Opportunity to lead the development of real-world applications with lasting impacts on green energy, the smart grid industry, and fighting global warming.