Analyst II, Cyber Security Programs

Invenergy drives innovation in energy. Powered by decades of entrepreneurial experience and unparalleled execution, we solve the energy challenges facing our customers and communities. We provide power generation and storage solutions at scale around the world to create a cleaner energy future. We develop. We build. We own. We operate. We are Invenergy.

This position will be open for application for at least 3 calendar days from the posting date. This position will remain open for application based on business need, which may be before or after the 3-day posting window.

Job Description

Position Overview:

Invenergy is seeking an Analyst II (Cybersecurity Programs) to support the development, execution, and oversight of our cybersecurity governance, risk, and compliance initiatives. This role will assist in enhancing security policies, managing third-party risk assessments, supporting NERC CIP compliance, and promoting enterprise-wide security awareness. The ideal candidate is a proactive and detail-oriented professional with a solid foundation in cybersecurity frameworks, IT controls, and risk management, eager to contribute to a growing and dynamic cybersecurity program.

Responsibilities:

Support the Director of Cyber Security Programs in managing the organization's information security and cybersecurity governance, risk, and compliance programs.

Assist in the development, enhancement, and enforcement of cybersecurity policies, standards, and procedures across the enterprise.

Partner with IT and business units to communicate policy requirements, ensure understanding, and drive compliance.

Coordinate third-party risk management (TPRM) activities, including vendor security assessments and due diligence.

Conduct assessments to evaluate the design and operating effectiveness of IT controls, identify control gaps, and assist in remediation planning.

Support the development and delivery of security awareness training to promote a security-first culture across the organization.

Act as a liaison for cybersecurity-related requests, collaborating with internal teams including Legal, Information Governance, Security Operations and Security Architecture.

Assist in maintaining compliance with NERC CIP standards through evidence collection, audit support, and tracking follow-up actions.

Track, analyze, and report on cybersecurity KPIs and metrics, identifying trends and opportunities for improvement.

Manage or support cybersecurity projects and initiatives, ensuring they are delivered on time and aligned with organizational goals.

Participate in cybersecurity incident response activities and post-incident reviews in a support role.

Minimum Qualifications:

Minimum 3 years of professional experience in cybersecurity, IT security, or GRC.

Security Frameworks: Strong knowledge of Cyber Security frameworks such as NIST SP 800-53, CIS Controls, or ISO/IEC 27001.

Experience conducting security risk assessments.

Eligible to work in the United States without the need for employer visa sponsorship now or in the future.

Preferred Qualifications:

Bachelor's degree in related field.

Industry Experience: Background in the energy or utilities sector, particularly with experience in NERC CIP compliance or other critical infrastructure regulations.

Consulting/Audit Background: Experience in consulting, advisory, or IT audit roles with a focus on cybersecurity or compliance.

Certifications: Professional certifications such as CISA, CISSP, CISM, CEH, GIAC GSEC, or equivalent credentials.

Tools & Technologies: Hands-on experience with GRC platforms and security tools, especially Microsoft 365 Security, Azure Security, and tools like UpGuard, Servicenow and Smartsheet.

Project Management: Strong organizational skills with the ability to manage multiple tasks, meet deadlines, and prioritize work effectively.

Communication: Excellent written and verbal communication skills, with the ability to produce clear documentation and engage diverse stakeholders.

Professionalism: Self-starter with a proactive mindset, strong attention to detail, and the ability to work independently and collaboratively.

Regulatory compliance: Experience with NERC CIP.

Base Pay

$75,000.00 - $100,000.00 USD Annual

Bonus: 15%

The base pay range reflects the minimum and maximum target salary for the position. Invenergy considers a number of factors when determining base pay offers such as the scope and responsibilities of the position and the candidate's experience, education and skills.

In addition to base pay, the total annual compensation package may also include eligibility to participate in our bonus program(s) which are designed to reward individual and company performance. Your recruiter can share more about bonus eligibility for this position during the hiring process.

Invenergy offers a variety of other benefits including medical, dental and vision insurance, 401k, paid time off, etc.

Invenergy LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or disability.

R09227