Program Business Analyst

Northern Virginia Electric Cooperative (NOVEC) is currently looking for a Program Business Analyst to join our team in the Manassas, VA office.  This role will be responsible for planning, establishing, documenting, leading and working with NOVEC IT and OT in the implementation and ongoing oversight of the NOVEC Cyber Security program to ensure compliance with North American Electric Reliability Corporation (NERC), Critical Infrastructure Protection (CIP) standards and regulatory requirements using CIS Controls security best practices.


ESSENTIAL DUTIES AND RESPONSIBILITIES will include, but are not limited to, the following:

  • Develop “best practices” procedures, polices, standards and methods for Cyber Security Program in NOVEC IT and OT (SCADA Systems) including Cyber Security Audit procedures, checklist and metrics using CIS Controls security best practices.
  • Define documents and update NOVEC cyber assets and the associated electronic security perimeter (ESP) and IT physical security perimeter; manage technical and procedural controls to enforce and monitor electronic and physical access to cyber assets.
  • Ensure controls are in place to monitor and control on-site and off-site contractor personnel with access to NOVEC cyber assets.
  • Assist in NOVEC configuration management and patch management of Change Control Board activities.
  • Establish and execute cyber security employee awareness programs and training programs for all IT cyber asset users including Phishing test campaigns. Conduct annual cyber security exercises. Secure and update employee data across different NOVEC platforms in order to provide/display accurate information internally.
  • Keep abreast of cyber security regulatory requirements, industry standards and cyber security threats.  


EDUCATION AND/OR EXPERIENCE:                                              

Bachelor’s degree in Computer Science, Information Systems, Cyber Security or a directly related technical field is required or equivalent combination of education and related experience. Security+, CASP, CISA or other IT audit related certifications is preferred. Experience with common NIST Cybersecurity Framework, ITIL, COBIT, CIS etc. is desired.

Minimum one year of experience working with the area of IT Cyber Security and audit is required.



  • Demonstrated ability to apply analytical methodology to problem solving and decision making and relate theoretical and/or technical concepts to practical application.
  • Demonstrated ability to anticipate and meet rapidly changing customer and business needs while motivating team members and stakeholders by focusing on the highest priority objectives. 
  • Demonstrated ability to communicate effectively and efficiently with all levels of staff and the general public both orally and in writing while maintaining professionalism under all circumstances.
  • Sound problem resolution, judgment, business analysis, and decision-making skills.
  • Demonstrated knowledge of IT and cyber security concepts and practices.
  • Demonstrated ability to produce results in a data intensive environment.  Demonstrated ability to quickly learn and understand information systems requirements to produce results.
  • Demonstrated ability to handle and maintain integrity of sensitive material and confidential business data.
  • Demonstrated organizational and analytical skills and abilities.
  • Ability to perform job responsibilities in a timely and accurate manner within established guidelines under minimal supervision while providing superior customer service.      


NOVEC does not provide sponsorship for this position.

To get started on this great opportunity, please send your resume with salary requirements to:  

NOVEC is an equal opportunity provider and employer.