Cybersecurity Analyst I / II | Operations
As a Cybersecurity Analyst, you will help safeguard critical infrastructure and ensure compliance with evolving regulatory and cybersecurity standards. Your work will directly support the secure and reliable delivery of energy.
What your day would be like:
You are responsible for:
- Supporting the implementation and continuous improvement of cybersecurity governance, risk, and compliance programs aligned with NIST Cybersecurity Framework, NIST SP 800-53, NIST Privacy Framework, NERC CIP, etc.
- Conducting control assessments, risk evaluations, and gap analyses to ensure compliance with internal policies and external regulatory requirements (e.g., NERC CIP, FERC, SOX).
- Collaborating with IT, OT, and Compliance teams to identify, document, and remediate control deficiencies across enterprise and operational technology environments.
- Maintaining risk registers, tracking mitigation plans, and preparing reports for internal stakeholders and regulatory bodies.
- Monitoring changes in cybersecurity regulations and best practices to ensure the organization remains compliant and resilient.
- Leveraging Power BI to develop dashboards and visual reports that track cybersecurity risk metrics, control effectiveness, and compliance trends across the organization.
- Utilizing ServiceNow to manage GRC workflows, analyze risk and compliance data, and generate insights that support informed decision-making and continuous improvement.
The kinds of people we want to talk to have done many of the following:
- A basic understanding of or familiarity with regulatory frameworks (such as NIST CSF, SP 800-53, or the NIST Privacy Framework) or similar frameworks.
- Exposure to cybersecurity risk assessments, control evaluations, or compliance activities, either through hands-on experience or academic / professional development.
- The ability to interpret regulatory or policy requirements and contribute to practical, risk-informed solutions.
- Strong analytical thinking, attention to detail, and clear communication skills—especially when working across technical and non-technical teams.
- A growth mindset, curiosity about evolving cybersecurity and privacy standards, and a desire to contribute to a mission-driven organization.
This is an opportunity to make a real impact by protecting critical systems, building your cybersecurity career, and contributing to the safe and reliable delivery of energy.
Minimum Requirements
Cybersecurity Analyst I | Operations
- Bachelor's degree in computer science, business administration, finance, accounting or related field PLUS one (1) year of prior relevant experience or equivalent combination of education and directly related experience.
- Requires basic technical subject matter knowledge within a job area or system.
Cybersecurity Analyst II | Operations
- Bachelor's degree in Computer Information Systems (CIS) or related field and two (2) years of prior relevant experience or equivalent combination of education and directly related experience.
- Requires intermediate level technical subject matter knowledge within a job area or system.
Preferred Special Skills, Knowledge or Qualifications
- Basic understanding of IT security controls and interest in learning how to apply frameworks such as NIST 800-53, the NIST Cybersecurity Framework, or NERC Critical Infrastructure Protection.
- Capable of evaluating cybersecurity controls to support compliance with both internal standards and external regulations.
- Exposure to GRC platforms (ServiceNow GRC, Archer, MetricStream) with a desire to learn how these tools support policy management, compliance tracking, and risk assessments.
- Familiarity with data analysis tools (Excel, Power BI, Tableau) and an interest in developing skills to aggregate and interpret data from various cybersecurity sources.
- Assist in drafting and maintaining cybersecurity policies and procedures, with guidance, to support compliance with regulatory and technical standards.
- Some exposure to regulated environments or cybersecurity frameworks (e.g., NERC / CIP).
- At least one of the following certifications is desired but not required: COMPTIA (Security+, Network+); EC-COUNCIL (ECSA); SANS / GIAC (GSEC, GPPA, GISF, GISP); ISACA (CRISC).
Major Accountabilities
1) Assist in the development, review, and management of cybersecurity policies, processes, and standards.
2) Support efforts to map external regulatory requirements to internal control objectives to ensure traceability and alignment.
3) Participate in control validation assessments and document findings to demonstrate control effectiveness.
4) Support the identification and management of cybersecurity risks across both IT and OT environments.
5) Contribute to the creation and improvement of processes and assessments that support control testing and validation.
6) Build and maintain reports, metrics, and dashboards for internal stakeholders and executive leaders.
7) Effectively communicate cybersecurity risk and compliance status to stakeholders and executive leadership in a clear and concise manner.
8) Create and deliver training for targeted system users (in-person and virtual).
9) Participate in APS' internal security awareness program, helping to present on topics such as phishing, ransomware, password safety, and data privacy to audiences of varying sizes.