Info Security Analyst

This Opportunity

WSP is seeking an Information Security Analyst to join our cyber security team. The ideal candidate will have experience with NERC CIP compliance, particularly CIP 014-3, and a solid background in other frameworks such as PCI. This role involves ensuring our organization adheres to regulatory requirements and industry standards, while working closely with our cyber security analysts to maintain a robust security posture. This is a remote position. 

Your Impact

Key Responsibilities:

• NERC CIP Compliance: Ensure compliance with NERC CIP standards, with a focus on CIP 014-3. Conduct risk assessments, develop physical security plans, and implement measures to protect critical infrastructure.
• PCI Compliance: Assist in maintaining PCI DSS compliance by implementing and monitoring security controls to protect cardholder data. Conduct regular audits and assessments to verify compliance.
• Policy Development and Implementation: Develop, review, and update compliance policies, procedures, and standards. Ensure these policies are effectively communicated and enforced across the organization.
• Risk Assessments and Audits: Perform regular risk assessments and compliance audits to identify and address potential gaps. Provide recommendations for improving compliance and security measures.
• Incident Response: Collaborate with the cyber security team to respond to security incidents. Ensure incidents are documented, reported, and managed in accordance with regulatory requirements.
• Collaboration and Communication: Work closely with IT, legal, and other departments to ensure a cohesive approach to compliance. Communicate compliance risks and strategies to stakeholders.

Who You Are 

Minimum Qualifications:

• Bachelor’s degree in cyber security, Information Technology, Compliance, or a related field. Relevant certifications (e.g., CISA, CISSP, CISM) are highly desirable.
• Minimum of 3-5 years of experience in compliance, with a focus on NERC CIP standards and PCI DSS. Specific experience with NERC CIP is required.
• Proficiency in compliance management tools and security technologies. Strong understanding of regulatory frameworks and industry standards.
• In-depth knowledge of NERC CIP standards, especially CIP 014-3, and also PCI DSS requirements. Familiarity with risk assessment methodologies and incident response procedures.
• Strong analytical and problem-solving skills. Ability to assess complex compliance issues and develop effective solutions.
• Excellent verbal and written communication skills. Ability to convey technical information to non-technical stakeholders.

Preferred Qualifications:

• Experience with other regulatory frameworks and standards (e.g., ISO 27001, FISMA, FedRAMP).
• Familiarity with physical security measures and risk assessments for critical infrastructure.

Working Conditions:

• This position may require occasional travel to various company locations.
• Availability for on-call support and incident response as needed.

WSP Benefits: 

WSP provides a comprehensive suite of benefits focused on a providing health and financial stability throughout the employee’s career. These benefits include coverage related to medical, dental, vision, disability, and life; retirement savings; paid sick leave; paid vacation (or other personal time); paid parental leave; and paid time off for purposes of bereavement, voting, and/or attendance at naturalization proceedings. 

Expected Salary (Colorado only): $ 73,100-117,700

WSP USA is providing the compensation range that the company in good faith believes it might pay and/or offer for this position within the state of Colorado, based on the successful applicant’s education, experience, knowledge, skills, and abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

Compensation:

Expected Salary (all locations): $87,700 - $125,400

WSP USA is providing the compensation range that the company in good faith believes it might pay and offer for this position, based on the successful applicant’s education, experience, knowledge, skills, abilities in addition to internal equity and specific geographic location. WSP USA reserves the right to ultimately pay more or less than the posted range and offer additional benefits and other compensation, depending on circumstances not related to an applicant’s sex or other status protected by local, state, and/or federal law.

#LI-MP1

WSP USA is the U.S. operating company of WSP, one of the world's leading engineering and professional services firms. Dedicated to serving local communities, we are engineers, planners, technical experts, strategic advisors and construction management professionals. WSP USA designs lasting solutions in the buildings, transportation, energy, water and environment markets. With more than 15,000 employees in over 300 offices across the U.S., we partner with our clients to help communities prosper.

www.wsp.com

WSP provides a flexible and agile workplace model while meeting client needs. Employees are also afforded a comprehensive suite of benefits including medical, dental, vision, disability, life, and retirement savings focused on providing health and financial stability throughout the employee’s career.

At WSP, we want to give our employees the challenges they seek to grow their careers and knowledge base. Your daily contributions to your team will be essential in meeting client objectives, goals and challenges. Are you ready to get started?

WSP USA (and all of its U.S. companies) is an Equal Opportunity Employer Race/Age/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Disability or Protected Veteran Status.

The selected candidate must be authorized to work in the United States.

NOTICE TO THIRD PARTY AGENCIES:

WSP does not accept unsolicited resumes from recruiters, employment agencies, or other staffing services. Unsolicited resumes include any resume or hiring document sent to WSP in the absence of a signed Service Agreement where WSP has expressly requested recruitment/staffing services specific to the position at hand.  Any unsolicited resumes, including those submitted to hiring managers or other business leaders, will become the property of WSP and WSP will have the right to hire that candidate without reservation – no fee or other compensation will be owed or paid to the recruiter, employment agency, or other staffing service.