IT Analyst, Information Security (hybrid schedule)

Eversource will not offer immigration-related sponsorship for this position. Applicants who require immigration sponsorship—either now or in the future—should not apply. This includes, but is not limited to, direct company sponsorship, listing Eversource as the employer of record on immigration documents, or any work authorization that requires company involvement or documentation (e.g., H-1B, OPT, STEM OPT, CPT, TN, J-1, O-1, etc.).

Role and Scope of Position:
Responsible for the development, implementation and internal testing of IT control standards, and control procedures through facilitation and coordination of test of design, test of operation, and certifications, as required, for multiple platforms and various system environments. Provides direct support for new system implementations ensuring compliance with Eversource’s General IT Controls and Security Protocols.
Hold strong knowledge of the requirements of the Sarbanes Oxley (SOX) Act to perform annual risk assessment and walkthroughs, identify suggested changes or implementation of key controls through new process design, and perform operating effectiveness testing in accordance with annual department schedule.

Hybrid Work Policy

Eversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.

Essential Functions:

• Oversees policy, standards, guidelines, and control monitoring and testing.

• Conducts process design, analysis, documentation, implementation and testing activities.

• Analyzes communication and recommends troubleshooting/training (i.e., where appropriate for business process continuity).

• Participates in the testing and evaluation of new products and processes.

• Performs first level troubleshooting, analysis and monitoring of automated work processes for compliance to key security controls and practices.

• Effectively communicates issues and/or concerns to stakeholders and audit management throughout the course of your work

• Monitors implementation and completion of remediation efforts

• Performs monthly phishing tests, completes metrics, and communicates results to leadership.

• Conducts training and completes on IT Security topics to a wide audience

• Manages Data Classification and Security Program

Technical Knowledge/Skill/Education/Licenses/Certifications:

Technical Knowledge/Skill:

Technical Knowledge:

• The candidate chosen for this position will hold technical IT knowledge for establishing Policy, Standards, and Procedures aligned to NIST and other industry standards while mitigating risks of the company’s IT Security and General Computing Control framework.

• Familiarity with NIST standards.

• Full understanding of applicable state and federal legislation and industry specific regulations.

• The candidate chosen for this position will be the business system administrator for Archer GRC

Skills:

• Risk assessment ability and internal audit experience

• Excellent communication, interpersonal skills, and ability to train a wide audience of people

• Knowledge of IT security and infrastructure

• Knowledge of operating system platforms

• Excellent analytical skills

Education:

• Four-year college degree from an accredited institution; Bachelor’s Degree in Business, Accounting, IT, or related field with focus on information systems or related experience

Experience:

• Five (5) to eight (8) years related experience

• Strong knowledge of IT general controls related to information technology, information security, and change management of systems software, application source code, network, and system database technologies

• Experience in Training and Communications

Licenses & Certifications:

• None

Working Conditions:

• Must be available to work emergency restoration assignment as required.

• Must be available to travel between MA/CT/NH as necessary.

Mental Aspects:

• N/A

#LI-ES3

Competencies:

Build trusting relationships

Manage and develop people

Foster teamwork and cross-functional collaboration

Lead change

Communicate strategic vision

Create an engaged workforce

Focus on the customer

Take ownership & accountability

Compensation and Benefits:

Eversource offers a competitive total rewards program. Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive. The annual salary range for this position is:

$119,100.00-$132,330.00

Worker Type:

Regular

Number of Openings:

1

Emergency Response:

Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.

EEO Statement:

Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.

VEVRRA Federal Contractor