Herndon, VA, US

Function: Digital Technology & Innovation
Job Category: Digital Technology and Open Innovation

Cybersecurity Risk & Compliance Analyst

Wärtsilä Energy Storage & Optimization (ES&O) is the leading global energy storage optimizer. Our mission is to deliver integrated energy solutions that build a resilient, intelligent, and flexible energy infrastructure - unlocking the way to an optimized renewable future. By integrating renewables, energy management technology, and storage with traditional energy resources, we reinvent clean energy production from the largest and most complex grids to the most remote and essential microgrids. We play a key role in Wärtsilä’s vision towards a 100% renewable energy future through flexibility, reliability, and integration and a more sustainable world for us all.


Wärtsilä’s Energy Storage & Optimization business unit is looking for a Security and Compliance Specialist to join our growing software team located in our software development center in Herndon, VA, USA. This position will be hybrid. This role will focus on ensuring our compliance with industry-standard security models (IEC 62443, SOC 2, NERC CIP/NIST-800, ISO 27001) as well as advising our development organization on security-related issues. Be a key part of our mission to expand the use of reliable renewable energy throughout the world!


As an integral part of our development operations team, you will:
• Lead our cybersecurity compliance and documentation efforts as they relate to our Operational Technology (OT) products for power plants.
• Be our SME for all things security compliance, including compliance with IEC 62443 & SOC 2.
• Recommend tools to help us manage compliance (either self-hosted or SaaS-based), and help monitor and address their findings to enhance our cybersecurity posture.
• Work closely with technical teams throughout the Energy Storage & Optimization organization to aid in compliance-related projects.
• Conduct internal audits, assess compliance gaps, and develop remediation plans to address deficiencies.
• Interface with customers, outside consultants, and auditors to coordinate handling of security issues.
• Create technical whitepapers and assist marketing & sales with promotional materials explaining our security measures, for customer consumption.
• Work with global sales teams to analyze and address regional cybersecurity standards and document how our products address them.
• Develop security policies, standards, and guidelines for our software development and operations teams to follow regarding security compliance.
• Stay up to date with changing requirements in cyber security and help us keep up with them.
• Help us refine our Software Development Lifecycle to ensure continuing security compliance.


• Demonstrated experience in implementing, auditing, or maintaining compliance with industry standard frameworks. Five or more years practical experience in cybersecurity, information security or compliance roles is strongly preferred.
• Sound experience and understanding of computer software and hardware, in both on-premises and cloud environments.
• Strong demonstrated skills in risk assessment, management and mitigation strategies, particularly including the ability to identify and address potential security threats and vulnerabilities.
• Strong attention to detail in regard to documenting and tracking adherence of the company to customer cybersecurity requirements (focused on OT environments).
• Proficiency in various technical areas including network security, application security, encryption technologies, identity and access management, and security incident response.
• Capacity to work in a fast-paced, dynamic and highly technical environment.
• Willingness to stay up to date with the latest trends, technologies and best practices as the world of cyber security evolves.


Other Qualifications
• A bachelor's degree in computer science, information technology, cyber security, a related field, or equivalent combination of education & experience.
• Advanced degrees or certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are beneficial.
• Excellent verbal and written English communication skills are necessary for effectively communicating compliance requirements, audit findings, and remediation plans to stakeholders at all levels of the organization.


We Offer You
• Competitive salary and significant upside in your career path as we are growing fast.
• Dynamic, technology-centric working environment within an extremely focused team.
•Opportunity to lead the development of real-world applications with lasting impacts on green energy, the smart grid industry, and fighting global warming.


Last application date: 29/04/2024 


Why you and us:

You will be a part of a global organization with local presence and work in an exciting and dynamic working environment with highly motivated and skilled co-workers. We offer interesting and challenging work tasks, as well as personal and professional development in a great team. If you feel excited by being a part of this working environment and think your personal skills and qualities match the job requirements, we look forward to receiving your job application. At Wärtsilä we value, respect and embrace all our differences, and are committed to diversity, inclusion and equal employment opportunities; everyone can be their true self and succeed based on their job-relevant merits and abilities.


The successful applicant must be authorized to work in the USA without sponsorship. We look forward to hearing from you. Qualified candidates must apply online: https://www.wartsila.com/careers


Individuals hired for positions that require on-site customer interactions and/or in-person travel may be required to be fully vaccinated against COVID-19 or other country-specific vaccinations, unless otherwise prohibited by law. Wärtsilä North America values our employees. We offer a competitive salary and comprehensive benefits package. Wärtsilä North America is an EOE/AA employer.





Nearest Major Market: Washington DC