Sr. Analyst, Security Governance (Remote) Fulltime

COMPANY OVERVIEW

As the nation’s largest producer of clean, carbon-free energy, Constellation is a company purposely-built to meet the challenges of the climate crisis. Constellation has been the leader in clean energy production for more than a decade and we are growing our company and capabilities. Now, we’re accelerating, speeding our low-carbon or no-carbon power to more people in more places, day and night, providing our customers and communities with options to buy, manage and use energy as part of their decarbonization mission. The race is on to confront the climate crisis and Constellation is ready to meet the challenge. Come join us as we lead energy, together.

TOTAL REWARDS

Constellation offers a wide range of benefits and rewards, designed to help our employees thrive professionally and personally. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays and sick days; and much more.

Expected salary range of $103,500 to $115,000, varies based on experience, along with comprehensive benefits package that includes bonus and 401(k).

PRIMARY PURPOSE OF POSITION

Engage in job duties outlined below, to reduce risk exposure in areas of cyber and physical security; and to promote our mission of safeguarding the people, property, reputation and shareholder value of the corporation.
• Collaborate, verify, advise, and communicate with Corporate Functional Area Managers (CFAMs) related to Management Model document updates, ensuring consistency.
• Facilitate Peer Group Meetings in order to determine appropriate actions. Update and socialization of program documents, policies, and procedures.
• Responsible for the day-to-day execution and maintenance of security exceptions.
• Maintain, track, and review security exception to clearly assess risks to established security procedures.
• Maintain, track, and review security exception remediations to ensure proper measures are taken place where applicable.
• Perform, track, and document controls certification results.
• Manage Security Controls Program (SCP) Remediation Project Plans.
• Update job aids to accommodate changes and test prior to implementation to ensure quality messaging.
• Provide the business and technical team with a more holistic view of risk, regarding the system or technology of interest.
• Design and distribute change management materials with respect to security controls certification, exceptions, and remediation.
• Identify possible controls, countermeasures, and safeguards that can reduce the risk exposure to an acceptable level. Perform document risk analysis.
• Interact with internal business stakeholders to define, execute, and deliver appropriate analysis.
• Process ad-hoc requests for security exception reporting and analysis.

PRIMARY DUTIES AND ACCOUNTABILITIES
• Drive and execute relevant Management Model document update activities.
• Respond to, approve, and dispatch security exception requests, including the risk assessments of those exceptions, in a timely manner.
• Process security exceptions and perform risk analyses and remediation for those exceptions.
• Track and document certification results analysis.
• Support the business development and maintenance of Governance Risk and Compliance (GRC) system.
• Perform compliance activities including control testing, self-assessments and support engagements with internal and external auditors and support vendors.
• Recommend and implement change and process improvements to the cyber compliance areas to ensure sustained compliance and operational efficiencies.
• Provide functional and technical support for the Constellation GRC platform.

MINIMUM QUALIFICATIONS
• Bachelors degree in Information Technology, Cybersecurity, or Computer Science plus 5-8 years of relevant experience or, in lieu of a degree a minimum of 9-12 years of relevant experience.
• Strong communication skills, both written and oral
• Strong analytical and problem-solving skills with the ability to analyze data, identify opportunities, determine solutions, identify and obtaining needed resources, and execute to completion
• Knowledge of PC/desktop workstation applications: Microsoft Word, Excel, Outlook, PowerPoint
• Knowledge of security concepts, terminology, and tools
• Advanced technical knowledge of databases, database queries, and database reporting

PREFERRED QUALIFICATIONS
• Advanced degree
• Certification: Information Systems Audit and Control Association (ISACA), Certified Information Systems Security Professional (CISSP), SANS, and other related technical certifications

Tagged as: Sr analyst