Advanced Metering Infrastructure (AMI) Project RMP
Our client is seeking a security auditor to assess their AMI Solution against NISTIR 7628 Revision 1, Guidelines for Smart Grid Security at a high impact level.
This service will be performed remotely and on-site at offices located in Portland, OR and Salt Lake City, UT.
The Senior Security Consultant will report to the Principal Security Architect and work with the project team to audit AMI vendor against NISTIR 7682 controls, provide a punch list of gaps and recommendations, review evidence of punch list completion and provide timely and accurate status reporting to project stakeholders.
Advanced Metering Infrastructure (AMI) Project RMP Responsibilities
Audit AMI Vendor compliance with all controls in NISTIR 7628 Revision 1 at a high impact level. In addition to remote data collection, we estimate 3-5 days of onsite activity with vendor for audit activities.
Provide detailed list of gaps and recommendations based on results of audit.
Evaluate evidence of gap and recommendation remediation.
Report to Senior Management regarding audit and remediation results. We estimate 3 on-site visits for reporting purposes.
Provide additional security consulting to the AMI project as needed to ensure project success and compliance with security objectives.
Provide timely and accurate status reporting to project stakeholders.
This assignment consists of three phases:
Phase 1 – Initial Audit.
Remote and on-site data collection followed by evaluation, report, and punch list of gaps and recommendations.
Phase 2 – Remediation
Ad-hoc evaluation of remediation evidence during interim period on a mutually agreeable schedule
Phase 3 – Final Review and Executive Reporting.
Final audit statement and presentation to executive management.
Gap assessment and final audit report will be shared with the AMI Vendor for purposes of security remediation.
Advanced Metering Infrastructure (AMI) Project RMP Qualifications
Bachelor’s Degree in Computer Science, Information Systems, Management or related field; or the equivalent combination of education and experience.
A minimum of seven years related experience resulting in demonstrated skills in technology architecture design and consultation.
Relevant security experience with AMI deployments.
Expertise within information security and security engineering, with hands-on experience of a diverse range of security technologies.
Demonstrated experience teaming with business and IT stakeholders at all levels to deliver and sustain high caliber consulting on projects and operations.
Ability to produce high quality system and security architecture requirements, design documentation and communicate those concepts to technical staff and IT leadership.
Excellent problem solving, analytical, communication, organization, task and time management skills.
Expertise with the following concepts, frameworks and technologies:
Defense in depth security models and security management practices.
ISO 27001 Security Framework.
NISTIR 7628 Revision 1, Guidelines for Smart Grid Security.
The Center for Internet Security Controls for Effective Cyber Defense.
Enterprise authentication and authorization (Active directory, LDAP, etc.).
Public Key Infrastructure.
Firewall, IDS/IPS, Encryption and Authentication techniques, Relational Databases.
Network and web-related protocols.
Benefits are available to eligible VanderHouwen contractors and include coverage for medical, dental, vision, life insurance, short and long term disability, and matching 401k.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.
Not Ready to Apply?