Operations Analyst 3 - First Tek, Inc.
Vancouver, WA 98666
About the Job
POSITION RESPONSIBILITIES
Note: All official drafts, documents and recommendations, as listed below, must be reviewed, finalized and approved / accepted by appropriate BPA manager or other federal personnel with the authority to do so.
Understand Transmission Technology Operational Services (TTO) organization's General Support System (GSS) structure and functional teams: Coordinate the TTO General Support System structure and functional teams and facilitate developing program strategies to link with the Federal Information Security Management Act (FISMA) based accreditation GSS structure.
Provide project management support for compliance mitigation plans and asset strategy initiatives:
Track mitigation dates and deliverables.
Follow-up with assigned resources to verify action items for mitigation plans are completed on-time.
Facilitate meetings to answer questions related to compliance and asset strategy plans and initiatives.
Create reports and timelines detailing status of mitigation plan activities.
Provide advance analytics (via Excel, Access, SharePoint, etc.) and data parsing to help expedite data call reporting.
Perform quarterly review of users with authorized cyber access to systems and unescorted physical access to Critical Cyber Assets (CCA) or Access and Control Monitoring (ACM) cyber assets; following pre-set guidelines and within established time constraints, verify accesses have been properly authorized per North American Reliability Cooperation (NERC) standards. Recommend and lead project initiatives and process improvement efforts dealing with Process Support and Management team processes.
Verify adherence to compliance processes is conducted by team on a day-to-day basis and develop work processes to improve compliance posture of BPA:
Review current processes against BPA policy and procedures to verify alignment, report to BPA management where any differences are found.
Evaluate current processes and policies that compliance standards for efficiency and accuracy to the standard. Recommend any changes to BPA management.
Draft management reporting tools that document and communicate the progress of standards-related activities to verify timely completion.
Participate in Incident Reviews and Rapid Response Team (RRT) meetings, representing the Implementing Manager in providing information, evidence and artifacts that apply to compliance incidents.
Reliability Compliance:
Provide monitoring, review, analysis, and other compliance support activities for the reliability program by validating information is reliable, consistent, and useful. Analysis includes potential impacts to Transmission programs and processes.
Provide recommendations to management and BPA SMEs to mitigate, comment on, or provide further review for NERC and Western Electricity Coordinating Council (WECC) proposed rulemaking and policies.
Utilize TT's library publishing process to verify documentation is up-to-date and of adequate quality; perform data tracking. Make recommendations for changing/enhancing organization and information navigation in TT's library structure.
Draft and recommend processes and procedures to support NERC Mandatory Reliability standards and Department of Energy (DOE) National Institute of Standard and Technology (NIST) and FISMA security requirements for review and approval by BPA management. This work may include:
Assist in development of training materials and job aids to support above.
Support the development of documentation necessary for reporting and audit requirements.
With oversight of the BPA manager/BPA staff, provide quality assurance support to verify that vetted and established compliance standards and guidelines are followed, alert BPA manager of any noted concerns or potential issues.
Provide support to NERC annual certification process and any other spot audit or compliance requests by assisting with data collection and review of compliance artifacts with Control Center (CC) SMEs, validating comments and evidence are sufficient to satisfy compliance reporting requirement(s); provide technical writing support as needed.
Draft and recommend procedures to accomplish reliability compliance tasks for the Control Center program for review and approval by BPA management. Assist BPA managers with the promotion and implementation of approved recommendations and adopted procedures, including:
Assist in the maintenance and execution of the implemented procedures.
Support Control Center audits by providing technical expertise, on-site real-time data call response coordination, data gathering, and technical writing support. All drafted materials related to audit responses are reviewed, edited, approved, and issued by BPA Federal staff.
Provide program support to the Performance Analysis manager, including:
Technical writing and coordination: Draft initial System Security and Compliance Plans (SSCP) and work with BPA resource managers to finalize SSCP for Authorization to Operate (ATO) certification. Validate that Plan(s) of Action and Milestones are linked to asset strategies.
Time management: Provide primary monitoring of key POAM (Plans of Action and Milestone) efforts and mitigation efforts dealing with compliance. Verify that these efforts contribute to the asset strategies.
Report on performance and accomplishments: Monitor Technical Feasibility Exceptions (TFE) and verify TFEs are updated and retired in a timely manner.
Data Call and Survey Coordination:
Provide direct support for data calls and industry surveys. This consists of review and analysis of existing documentation and any new/changing requirements, enlistment of appropriate SMEs input, and drafting of Control Center responses. All drafted materials related to responses will be reviewed and edited by BPA Federal staff.
Organize, monitor, analyze, and report on performance / metrics pertaining to data call artifacts collection and processes.
Maintain and update process artifacts, verifying they are up-to-date and of adequate quality (reliable, consistent, and useful).
Information Quality Control and Stewardship:
Inventory the information needs of Control Center's business programs and functions. Analyze business processes to identify gaps in information quality control and quality assurance. Recommend cost effective changes in processes and procedures to address such gaps.
Assist in Technology Approval and Change Management processes and procedures to quality control, quality assurance and improvement.
Assist in development and maintain performance metrics on the quality of key business information. Create, maintain, and periodically present executive dashboards of performance metrics to management.
Draft and provide briefings, as requested, to staff and managers on information quality to raise awareness and to transfer knowledge on information quality fundamentals and best-practices.
Provide input and recommendations concerning how information is organized and displayed in SharePoint and the Control Center Network (CCN) Library documentation, the quality and type of information included and retained, and coordination with management/subject matter experts to ensure the information needs of the organization are being met in a useful and efficient manner. Assist with the implementation of approved recommendations.
Control Center Asset Strategy Support:
Provide primary back-up to the TTO portion of the Control Center Asset Strategy program. Review, analyze, evaluate, and organize program information to validate that it is reliable, consistent, and useful.
Provide budgetary tracking and analysis for services, equipment orders, O&M trending cost, and expense tail tracking.
Security Privilege Coordination:
Process requests for cyber, physical, or logical access within the guidelines and regulations defined by NERC CIP standards, BPA policy and Control Center procedures.
Assist in tracking access (physical and cyber) privileges granted for the Control Center, maintaining current system, privilege, and resource manager information, per NERC guidelines and time constraints.
Coordinate with the Security and Compliance Team (SCT) and the training office for verification of NERC-CIP training, before granting new cyber, physical, or logical access and yearly to verify all current access grants maintain training requirements.
Verify all request for cyber, physical, or logical access have a valid Personal Risk Assessment (PRA) by checking the BPA Security Office PRA verification source or record or by contacting the Security Office directly.
Perform the revocation and reinstatement of access to BPA cyber and critical cyber assets; disabled because of Access Revocation processes or employee status changes.
Transfer data from Security Privilege Requests into the Cyber and Physical Access (CAPA) database. This includes:
Entering data and updates
Revoking and re-enabling privileges
Coordinate with customers to input authorized accounts and validate privileges in the CAPA database.
Coordinate, initiate, and maintain the Access Review process by working with BPA managers, Contracting Officer's Representatives (CORs), and SMEs to verify business need of the granted privileges and that only those privileges that are verified have been granted or retained access.
Coordinate with customers on Visitor Access Requests to the Control Centers.
Monitor Customer Relationship Management (CRM) cases assigned by the BPA Access Revocation Team for access privileges to be revoked or reviewed to determine whether revocation is required.
Review HRMIS/CCAR and other reports for access privileges to be revoked or reviewed to determine whether revocation is required.
Maintain up-to-date, auditable documentation of Security Privilege Control processes.
Propose and implement manager approved changes for continuous improvement.
Following pre-set guidelines and within established time constraints, perform review of users with authorized cyber access to systems and unescorted physical access to Critical Cyber Assets or Access and Control Monitoring (ACM) Cyber Assets, verifying they have been properly authorized per NERC standards.
Assist BPA manager/staff with review of users with authorized cyber access to all cyber assets or ACM cyber assets, electronic logical access request, as well as authorized physical access to Critical Cyber assets or ACM Cyber Assets.
Data Management:
Gather and document reporting requirements and work with TT counterparts to develop data exchange and reporting solutions, using the CCN database, Configuration Management System (CMS) database, library systems, and other record stores.
Assist BPA management in implementing and integration of automated data management procedures.
Collect, organize, and validate data and model results to establish data reporting completeness, accuracy, and quality.
Generate reports from various data repositories.
Assist BPA Management in implementing and integration of electronic reporting and customer interfaces for TTO supported services:
Research, analyze, model, and organize information for developing / drafting and recommending requirements.
Provide background information, technical input, solution options and weighted recommendations that facilitate decision making and that will enable key requirements of the subject initiative and other projects to be met. This may include arranging, attending, and facilitating decision-making sessions/meetings with Supply Chain management, Work Stream Leads, and key internal stakeholders, including drafting agendas, answering technical questions and presenting information, options and recommendations for decision-maker consideration.
Drafting training and tools to facilitate less-resistant move to new processes.
REQUIREMENTS
Education & Corresponding Experience (required on matrix)
An Associates or Bachelor's degree in Computer Science, Engineering, Business Management/Administration, Organizational Development or closely related technical discipline is preferred.
With an applicable Bachelor's degree, 8 years of experience is required.
With an applicable Associates degree, 10 years of experience is required.
Without an applicable degree or without a degree, 12 years of experience is required.
Experience should be directly related to business and/or operations analysis and progressively more technical in nature.
Required Technical Skills & Experience (required on matrix)
5 years of experience with the following:
Experience in written communication and technical writing sufficient to interpret SME's input and convert into meaningful performance target language.
Experience developing professional presentations and delivering/presenting them at the Executive level.
Expert proficiency in automated data systems to include Microsoft Access, Excel, SharePoint and Visio.
Additional Requirements (not required on matrix)
Valid U.S. Driver's License is required.
Note: All official drafts, documents and recommendations, as listed below, must be reviewed, finalized and approved / accepted by appropriate BPA manager or other federal personnel with the authority to do so.
Understand Transmission Technology Operational Services (TTO) organization's General Support System (GSS) structure and functional teams: Coordinate the TTO General Support System structure and functional teams and facilitate developing program strategies to link with the Federal Information Security Management Act (FISMA) based accreditation GSS structure.
Provide project management support for compliance mitigation plans and asset strategy initiatives:
Track mitigation dates and deliverables.
Follow-up with assigned resources to verify action items for mitigation plans are completed on-time.
Facilitate meetings to answer questions related to compliance and asset strategy plans and initiatives.
Create reports and timelines detailing status of mitigation plan activities.
Provide advance analytics (via Excel, Access, SharePoint, etc.) and data parsing to help expedite data call reporting.
Perform quarterly review of users with authorized cyber access to systems and unescorted physical access to Critical Cyber Assets (CCA) or Access and Control Monitoring (ACM) cyber assets; following pre-set guidelines and within established time constraints, verify accesses have been properly authorized per North American Reliability Cooperation (NERC) standards. Recommend and lead project initiatives and process improvement efforts dealing with Process Support and Management team processes.
Verify adherence to compliance processes is conducted by team on a day-to-day basis and develop work processes to improve compliance posture of BPA:
Review current processes against BPA policy and procedures to verify alignment, report to BPA management where any differences are found.
Evaluate current processes and policies that compliance standards for efficiency and accuracy to the standard. Recommend any changes to BPA management.
Draft management reporting tools that document and communicate the progress of standards-related activities to verify timely completion.
Participate in Incident Reviews and Rapid Response Team (RRT) meetings, representing the Implementing Manager in providing information, evidence and artifacts that apply to compliance incidents.
Reliability Compliance:
Provide monitoring, review, analysis, and other compliance support activities for the reliability program by validating information is reliable, consistent, and useful. Analysis includes potential impacts to Transmission programs and processes.
Provide recommendations to management and BPA SMEs to mitigate, comment on, or provide further review for NERC and Western Electricity Coordinating Council (WECC) proposed rulemaking and policies.
Utilize TT's library publishing process to verify documentation is up-to-date and of adequate quality; perform data tracking. Make recommendations for changing/enhancing organization and information navigation in TT's library structure.
Draft and recommend processes and procedures to support NERC Mandatory Reliability standards and Department of Energy (DOE) National Institute of Standard and Technology (NIST) and FISMA security requirements for review and approval by BPA management. This work may include:
Assist in development of training materials and job aids to support above.
Support the development of documentation necessary for reporting and audit requirements.
With oversight of the BPA manager/BPA staff, provide quality assurance support to verify that vetted and established compliance standards and guidelines are followed, alert BPA manager of any noted concerns or potential issues.
Provide support to NERC annual certification process and any other spot audit or compliance requests by assisting with data collection and review of compliance artifacts with Control Center (CC) SMEs, validating comments and evidence are sufficient to satisfy compliance reporting requirement(s); provide technical writing support as needed.
Draft and recommend procedures to accomplish reliability compliance tasks for the Control Center program for review and approval by BPA management. Assist BPA managers with the promotion and implementation of approved recommendations and adopted procedures, including:
Assist in the maintenance and execution of the implemented procedures.
Support Control Center audits by providing technical expertise, on-site real-time data call response coordination, data gathering, and technical writing support. All drafted materials related to audit responses are reviewed, edited, approved, and issued by BPA Federal staff.
Provide program support to the Performance Analysis manager, including:
Technical writing and coordination: Draft initial System Security and Compliance Plans (SSCP) and work with BPA resource managers to finalize SSCP for Authorization to Operate (ATO) certification. Validate that Plan(s) of Action and Milestones are linked to asset strategies.
Time management: Provide primary monitoring of key POAM (Plans of Action and Milestone) efforts and mitigation efforts dealing with compliance. Verify that these efforts contribute to the asset strategies.
Report on performance and accomplishments: Monitor Technical Feasibility Exceptions (TFE) and verify TFEs are updated and retired in a timely manner.
Data Call and Survey Coordination:
Provide direct support for data calls and industry surveys. This consists of review and analysis of existing documentation and any new/changing requirements, enlistment of appropriate SMEs input, and drafting of Control Center responses. All drafted materials related to responses will be reviewed and edited by BPA Federal staff.
Organize, monitor, analyze, and report on performance / metrics pertaining to data call artifacts collection and processes.
Maintain and update process artifacts, verifying they are up-to-date and of adequate quality (reliable, consistent, and useful).
Information Quality Control and Stewardship:
Inventory the information needs of Control Center's business programs and functions. Analyze business processes to identify gaps in information quality control and quality assurance. Recommend cost effective changes in processes and procedures to address such gaps.
Assist in Technology Approval and Change Management processes and procedures to quality control, quality assurance and improvement.
Assist in development and maintain performance metrics on the quality of key business information. Create, maintain, and periodically present executive dashboards of performance metrics to management.
Draft and provide briefings, as requested, to staff and managers on information quality to raise awareness and to transfer knowledge on information quality fundamentals and best-practices.
Provide input and recommendations concerning how information is organized and displayed in SharePoint and the Control Center Network (CCN) Library documentation, the quality and type of information included and retained, and coordination with management/subject matter experts to ensure the information needs of the organization are being met in a useful and efficient manner. Assist with the implementation of approved recommendations.
Control Center Asset Strategy Support:
Provide primary back-up to the TTO portion of the Control Center Asset Strategy program. Review, analyze, evaluate, and organize program information to validate that it is reliable, consistent, and useful.
Provide budgetary tracking and analysis for services, equipment orders, O&M trending cost, and expense tail tracking.
Security Privilege Coordination:
Process requests for cyber, physical, or logical access within the guidelines and regulations defined by NERC CIP standards, BPA policy and Control Center procedures.
Assist in tracking access (physical and cyber) privileges granted for the Control Center, maintaining current system, privilege, and resource manager information, per NERC guidelines and time constraints.
Coordinate with the Security and Compliance Team (SCT) and the training office for verification of NERC-CIP training, before granting new cyber, physical, or logical access and yearly to verify all current access grants maintain training requirements.
Verify all request for cyber, physical, or logical access have a valid Personal Risk Assessment (PRA) by checking the BPA Security Office PRA verification source or record or by contacting the Security Office directly.
Perform the revocation and reinstatement of access to BPA cyber and critical cyber assets; disabled because of Access Revocation processes or employee status changes.
Transfer data from Security Privilege Requests into the Cyber and Physical Access (CAPA) database. This includes:
Entering data and updates
Revoking and re-enabling privileges
Coordinate with customers to input authorized accounts and validate privileges in the CAPA database.
Coordinate, initiate, and maintain the Access Review process by working with BPA managers, Contracting Officer's Representatives (CORs), and SMEs to verify business need of the granted privileges and that only those privileges that are verified have been granted or retained access.
Coordinate with customers on Visitor Access Requests to the Control Centers.
Monitor Customer Relationship Management (CRM) cases assigned by the BPA Access Revocation Team for access privileges to be revoked or reviewed to determine whether revocation is required.
Review HRMIS/CCAR and other reports for access privileges to be revoked or reviewed to determine whether revocation is required.
Maintain up-to-date, auditable documentation of Security Privilege Control processes.
Propose and implement manager approved changes for continuous improvement.
Following pre-set guidelines and within established time constraints, perform review of users with authorized cyber access to systems and unescorted physical access to Critical Cyber Assets or Access and Control Monitoring (ACM) Cyber Assets, verifying they have been properly authorized per NERC standards.
Assist BPA manager/staff with review of users with authorized cyber access to all cyber assets or ACM cyber assets, electronic logical access request, as well as authorized physical access to Critical Cyber assets or ACM Cyber Assets.
Data Management:
Gather and document reporting requirements and work with TT counterparts to develop data exchange and reporting solutions, using the CCN database, Configuration Management System (CMS) database, library systems, and other record stores.
Assist BPA management in implementing and integration of automated data management procedures.
Collect, organize, and validate data and model results to establish data reporting completeness, accuracy, and quality.
Generate reports from various data repositories.
Assist BPA Management in implementing and integration of electronic reporting and customer interfaces for TTO supported services:
Research, analyze, model, and organize information for developing / drafting and recommending requirements.
Provide background information, technical input, solution options and weighted recommendations that facilitate decision making and that will enable key requirements of the subject initiative and other projects to be met. This may include arranging, attending, and facilitating decision-making sessions/meetings with Supply Chain management, Work Stream Leads, and key internal stakeholders, including drafting agendas, answering technical questions and presenting information, options and recommendations for decision-maker consideration.
Drafting training and tools to facilitate less-resistant move to new processes.
REQUIREMENTS
Education & Corresponding Experience (required on matrix)
An Associates or Bachelor's degree in Computer Science, Engineering, Business Management/Administration, Organizational Development or closely related technical discipline is preferred.
With an applicable Bachelor's degree, 8 years of experience is required.
With an applicable Associates degree, 10 years of experience is required.
Without an applicable degree or without a degree, 12 years of experience is required.
Experience should be directly related to business and/or operations analysis and progressively more technical in nature.
Required Technical Skills & Experience (required on matrix)
5 years of experience with the following:
Experience in written communication and technical writing sufficient to interpret SME's input and convert into meaningful performance target language.
Experience developing professional presentations and delivering/presenting them at the Executive level.
Expert proficiency in automated data systems to include Microsoft Access, Excel, SharePoint and Visio.
Additional Requirements (not required on matrix)
Valid U.S. Driver's License is required.
Source : First Tek, Inc.