Sr IT Risk Analyst
Waltham, MA

Job Description

About us

Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.

To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.

Job Purpose

Perform IT, inclusive of cyber, risk management services on behalf of IT and the business. This includes assessing, responding, monitoring and reporting on IT risks, in accordance with documented processes and industry best practices. Support continuous improvement of both IT and the enterprise risk management processes.

Key Accountabilities

* Document, implement and support improvement of IT Risk team processes, including:
* Risk Identification
* Risk Assessment and Response
* Risk Monitoring
* Risk Reporting
* Exception Processing


* Act as Risk Manager for assigned risks; evaluating status of major control milestones.
* Present a summary of assigned risks to management as required.
* Peer review work performed by other members of the team as part of defined QA processes.
* Serve as the primary point of contact and develop expertise in the organisation and operation of assigned IT team(s).
* Cover for Risk Support Analyst (e.g. shared mailbox monitoring) when required.

Qualifications

* Degree-level qualification or post graduate level (equivalent combination of education and experience) in cyber intelligence or security related subject
* At least 2 years of experience in managing information systems or information/cyber security risk according to an industry standard approach.
* Able to demonstrate credibility and influence stakeholders within the organisation.
* Ability to communicate effectively both orally and in writing.
* Good working knowledge of information/cyber security and related principles.
* Good working knowledge of IT and information/cyber security controls.
* Self-motivated and able to deliver with minimal supervision.
* Experience with relevant standards, frameworks and regulations including: GDPR, NERC CIP, Sarbanes Oxley, PCI, NIST Cyber Security Framework, HIPAA, US Data Privacy related laws, CFATS.
* Experience in the Critical National Infrastructure (CNI) and utility industry experience preferred.
* Ability to use MS Excel and Powerpoint effectively to produce formulas, reports and presentations.

More Information

This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.

National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.