CIP Compliance Specialist
Job#5251 - CIP Compliance Specialist
The Woodlands, TX
Roles & Responsibilities
• Plans, develops, implements, and maintains programs to ensure compliance with related NERC CIP regulatory requirements, NRC Nuclear Cyber requirements and SOX including developing and conducting compliance training programs to promote awareness and provide instructions regarding applicable regulatory compliance issues, in accordance with industry standards and requirements.
• Provides guidance and support to in understanding existing and new NERC and NRC compliance requirements across business units such as transmission, generation, and nuclear.
• Proactively identifies potential risks and exposure by formulating sound control practices and processes, and developing appropriate processes to mitigate NERC and NRC violations.
• Develop process flow diagrams based on Subject Matter Expert (SME) interviews.
• Identifies and documents business objectives, risks and controls associated with NERC and NRC compliance requirements.
• Provides support in compliance audits by addressing audit requirements and concerns through interaction with internal and external auditors and the implementation of responsive and corrective solutions.
• Conducts periodic and annual compliance functions, including ongoing audits and reporting.
• Utilizing compliance knowledge and discussions with SMEs develop root cause analysis and develop mitigation plans.
• Develops relationships with industry peers and regulatory agency points of contact to help establish best practices and incorporate in company policies and procedures.
• Supports the development and achievement of the annual goals for NERC and NRC Compliance.
• Prepares and delivers presentations to internal compliance staff and program managers across the organization.
• Disseminates timely communication on all compliance-related matters.
• Proficient in Microsoft Visio, Excel and Word.
• Experience with Federal Compliance Standards: NERC CIP, NRC Cyber Security, SOX, , etc.
• NERC CIP Audit experience, specifically from a GO/GOP perspective.
• Bachelor’s degree required, in Information Systems, Computer Engineering, Electric Engineering, or a related technical field with appropriate experience.
• Understanding of security principles and good knowledge of cyber security technologies, backed up with suitable credentials or certifications.
• Experience with cyber audits, cyber security vulnerability assessments, penetration tests, and the tools/techniques involved in both.
• Experience in the capabilities and/or configuration of cyber security controls, specifically those relating to firewalls, , intrusion detection systems, access control, authentication, anti-virus/anti-malware, patching and hotfix, logging.
• Strong effective written and oral communication skills.
• Strong analytical and critical thinking skills.
• Ability to operate under pressure and under tight deadlines, to operate in on-site industrial (Electric Power) work, and occasional night and weekend work.
• Demonstrated capability to make sound decisions based on good security practices and principles.
• Demonstrated understanding of business principles and operational security practices specific to engineering and/or security consulting.
• Experience with corporate policies and procedures and/or technical writing skills.
Job Status: Contract/Temporary