PCN/OT Risk Analyst

Responsible for advising leadership on cybersecurity initiatives that support the latest trends in IT security, risk, and controls; facilitate compliance regarding all equipment used in the Process Control Network (PCN)/Operational Technology (OT) and Demilitarized Zone (DMZ), including timely remediation of critical vulnerabilities and support; integrate IT standards into the PCN environment; serve as site representative for internal and external cyber initiatives, including the annual Coast Guard inspection; serve as process advisor for the Operations Technology Incident Response Process (OTIRP) and maintain cybersecurity documentation including Business Continuity and Disaster Recovery Plans; facilitate risk assessment exercises; perform compliance and risk monitoring/validation, and other compliance assurance exercises; utilize Splunk, OneTrust TPSCRM, Symantec, ServiceNow, Archer, SDLC, NetSparker, Coalfire, Dark Owl, NIST 800-53, SOX, and PCI-DSS to perform duties; lead awareness of the information technology risk program elements to ensure responsibilities are understood and executed; coordinate external and internal assurance or advisory audits, representing information technology throughout the lifecycle of the audit (from planning through remediation strategy); monitor, track, and report mitigation and resolution of IT risks, and work closely with other technical, incident management, and forensic personnel to develop a broader understanding of the intent, objectives, and activities of cyber threat actors; and support the cyber defense program. Location: Detroit, MI and various unanticipated locations throughout the US; Salary: $118,560 per year; Education: Master's Degree in Computer Engineering, Computer Science, Information System Security, Information Technology, or in a related field of study (will accept equivalent foreign degree); Experience: Two (2) years in the position above, as an IT Compliance Analyst, as a Risk Analyst, or in a related occupation; Other Requirements: Experience must include two (2) years' use of all the following: Splunk, OneTrust TPSCRM, Symantec, ServiceNow, Archer, SDLC, NetSparker, Coalfire, Dark Owl, NIST 800-53, SOX, and PCI-DSS. Will also accept any suitable combination of education, training, and/or experience. Job ID: JOB-235258 Publish Date: 01 May 2024