×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Security Control Assessor

Job in Vancouver, Clark County, Washington, 98662, USA
Listing for: First Tek
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 USD Yearly USD 60000.00 YEAR
Job Description & How to Apply Below
Position: Security Control Assessor 2

ASSIGNMENT RESPONSIBILITIES

  • Monitor, review, analyze and support Operational Technology (OT) Security Governance & Oversight compliance management processes including regulatory audits, investigations of potential violations, and mitigation of violations.
  • Provide quality assurance reviews of NERC CIP compliance evidence, violation mitigation documentation, and cybersecurity controls documentation. Draft and present recommendations for improvement to documentation or artifacts. Alert BPA manager of any noted concerns or potential issues.
  • All materials related to audit responses must also be reviewed by BPA management and / or federal staff.
  • Facilitate and coordinate efforts to maintain and improve documentation of program processes and procedures.
  • Serve as a technical team member supporting Subject Matter Experts (SMEs) on cybersecurity compliance activities such as facilitating recurring cybersecurity processes and procedures; compile and submit compliance evidence in a Governance, Risk, and Compliance (GRC) tool; and contribute to investigations into potential violations. (Note : all drafted materials must be reviewed and finalized by BPA management / BPA staff.)
  • Serve as a reliability compliance process point of contact (POC) for the TTB organization, primarily supporting BES Cyber System Categorization and Physical Security of BES Cyber Systems.
  • Draft documentation necessary for compliance reporting and audit requirements.
  • Develop and recommend strategies and actions to improve incident response maturity.
  • Develop reports, graphs, and other informational materials to support improvement recommendations.
  • Review process and procedure documentation to identify gaps and potential improvement areas.
  • Collaborate with internal stakeholders and facilitate information gathering and analysis using standard tools and approaches, or developing new methodologies when needed, to assess business operations and functions, documents, and map current and future states, perform gap analysis, identify, and evaluate solution alternatives, provide recommendations, and develop / draft associated processes and procedures for management approved direction.
  • Recommend mitigation, countermeasures, or other options as needed.
  • Identify potential impacts to Transmission programs and processes from new or modified NERC CIP standards and policies or Federal Information Security Modernization Act (FISMA) / National Institute of Standards and Technology (NIST) requirements.
  • Provide recommendations to management to mitigate or comment on NERC proposed regulations and policies.
  • Assist in developing solutions, processes, and procedures required to achieve and sustain NERC CIP compliance and effective NIST controls.
  • Assist BPA staff with the promotion and implementation of approved recommendations and / or adopted procedures.
  • Upon request, provide stage-gate input into systems / software implementation projects for potential security or compliance risks and impacts.
  • Assist in developing, drafting, and recommending training materials and job aids.
  • Provide support and assistance to other Security Control Assessors, Cyber Security personnel and Operational Technology (OT) co-workers on a variety of ad hoc and standing projects requiring policy / procedure / process analysis.
REQUIREMENTS Education & Corresponding Experience (required on matrix)
  • A bachelor's degree in computer science, information technology management, Cyber Security, Forensics, or a closely related technical discipline is preferred.
  • years of experience is required with an applicable bachelor's degree.
  • years of experience is required with an applicable associate degree.
  • years of experience is required without a degree or applicable degree.
  • Experience should be consistent with the specific requirements of operations analysis, incident response, and progressively more technical in nature.
Required Technical Skills & Experience (required on matrix)
  • Ability to research and maintain proficiency in tools, techniques, countermeasures, and trends in information security, computer and network vulnerabilities, data hiding, network security, and encryption.
  • Ability to plan, execute and document compliance evaluations both independently and as a team member.
Preferred Skills & Experience (optional on matrix)
  • Demonstrated experience with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards, National Institute of Standards and Technology (NIST) Cybersecurity Framework, and / or NIST SP - Security and Privacy Controls for Information Systems and Organizations.
  • Certified Information Systems Security Professional (CISSP) or equivalent.
Additional Requirements (not required on matrix)
  • Valid Driver's License is required.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search