Eversource will not offer immigration-related sponsorship for this position.  Applicants who require immigration sponsorship—either now or in the future—should not apply.  This includes, but is not limited to, direct company sponsorship, listing Eversource as the employer of record on immigration documents, or any work authorization that requires company involvement or documentation (e.g., H-1B, OPT, STEM OPT, CPT, TN, J-1, O-1, etc.).

The Vendor Risk Management IT Security Analyst is responsible for developing, implementing, and validating IT control standards and procedures for third‑party vendors. This role supports the full vendor lifecycle including new contracts, vendor onboarding, and system integrations to ensure alignment with Eversource’s General IT Controls, cybersecurity policies, and regulatory requirements.

The analyst conducts detailed vendor risk assessments, identifies potential control gaps, and recommends remediation actions or enhanced control designs. They evaluate the effectiveness of existing vendor controls through scheduled testing based on vendor criticality tiers and document results in accordance with established risk and compliance frameworks. This position requires strong knowledge of vendor risk management principles, IT security controls, and third‑party oversight processes to ensure that vendors effectively safeguard Eversource information and systems.

Essential Functions: 

• Oversees policy, standards, guidelines, and control monitoring and testing for Vendors.

• Conducts process design, analysis, documentation, implementation and testing activities.

• Analyzes communication and recommends updates.

• Participates in the testing and evaluation of new products and processes.

• Performs first level troubleshooting, analysis and monitoring of automated work processes for compliance to key security controls and practices.

• Effectively communicates issues and/or concerns to stakeholders and audit management throughout the course of your work

• Monitors implementation and completion of remediation efforts

• Performs vendor and third-party risk assessments

Technical Knowledge/Skill/Education/Licenses/Certifications:

Technical Knowledge/Skill:

Technical Knowledge:

• The candidate chosen for this position will hold technical IT audit knowledge for establishing in house controls aligned to COBIT, NIST and other industry standards while mitigating risks of the company’s IT Security and General Computing Control framework. Familiarity with COBIT, NIST standards.

• Full understanding of applicable state and federal legislation and industry specific regulations.

• Archer GRC experience.

Skills:

• Risk assessment ability and internal audit experience

• Excellent communication and interpersonal skills; good report writing skills

• Knowledge of IT security and infrastructure

• Knowledge of operating system platforms

• Excellent analytical skills

Education:

• Four-year college degree from an accredited institution; Bachelor’s Degree in Business, Risk, IT, or related field with focus on information systems or related experience

Experience:     

• Five (5) or more years of related experience with a minimum of two years of relevant work experience in Risk Management

• Strong knowledge of IT general controls related to operations, information security and change management of systems software, application source code, network, and system database technologies

• Experience testing automated and manual application controls; security testing experience required

Licenses & Certifications:

• None

Working Conditions:

• Must be available to work emergency restoration assignment as required.

• Must be available to travel between MA/CT/NH as necessary.

Mental Aspects:

• N/A

#LI-ES3

Competencies:

Build trusting relationships

Manage and develop people

Foster teamwork and cross-functional collaboration

Lead change

Communicate strategic vision

Create an engaged workforce

Focus on the customer

Take ownership & accountability

Compensation and Benefits:

Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:

$119,100.00-$132,330.00

Worker Type:

Regular

Number of Openings:

1

Emergency Response:

Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment.  This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location. 

EEO Statement:

Eversource Energy is an Equal Opportunity and Affirmative Action Employer.  All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.

VEVRRA Federal Contractor