Talent.com
CIP Enforcement Analyst

CIP Enforcement Analyst

NORTHEAST POWER COORDINATINGNew York, NY, US
20 days ago
Job type
  • Full-time
Job description

Job Description

Job Description

POSITION DESCRIPTION

The Critical Infrastructure Protection (CIP) Enforcement Analyst investigates, analyzes, and prepares dispositions for noncompliance of Critical Infrastructure Protection (CIP) NERC Reliability Standards. This person also provides technical expertise in cybersecurity and CIP issues and works with other ERO Enterprise staff, registered entities, and regulators to support a highly reliable and secure North American Bulk Power System.

KEY RESPONSIBILITIES

  • Articulate the facts and circumstances, extent, and cause of each noncompliance and ensure the noncompliance disposition ties to the NERC Reliability Standard requirement.
  • Assess the risk of each noncompliance and ensure the disposition appropriately and thoroughly describes the risk.
  • Review mitigation and / or work with entity to develop mitigation for each noncompliance so that each noncompliance is corrected, and the mitigation prevents recurrence.
  • Verify mitigation is completed through a review and documentation of mitigation evidence.
  • Review and document the compliance history for each noncompliance.
  • Conduct peer reviews of noncompliance dispositions drafted by other staff.
  • Communicate with registered entities and the ERO Enterprise as necessary, to investigate CIP noncompliance and issues, and to assure appropriate and informed enforcement actions.
  • Triage incoming noncompliance to identify violation facts, preliminary risk assessment, and complexity of the noncompliance.
  • Develop risk criteria to evaluate the potential impact and likelihood of impact the noncompliance has on the BPS.
  • Ensure confidential information is identified, labeled, stored, and transferred in accordance with NPCC’s procedures for confidential information.
  • Ensure information and data placed into various portals, software, and databases are accurate and complete.
  • Participate in NPCC and ERO Enterprise meetings, workshops, task forces, committees, and forums, as assigned.
  • Assist in developing responses to oversight of NPCC.
  • Develop and / or amend policies and procedures.
  • Perform other duties as assigned.

EDUCATION AND CERTIFICATION / LICENSE CREDENTIALS

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Engineering, or other relevant Bachelor’s degree.
  • 3 or more years’ experience associated with computer systems used in the electric utility industry; or 3 or more years of experience in securing computer systems, including both physical and electronic security; or 3 or more years of experience working within an electric utility Control Center or Regulatory IT role.
  • One or more of the following certifications preferred :

    • CompTia Security+

  • CompTia Network+
  • CompTia CySa+
  • GIAC Security Essentials (GSEC)

    • FUNCTIONAL COMPETENCIES

  • Ability to effectively communicate technical concepts to non-experts verbally and in writing
  • Excellent organizational skills and ability to prioritize and to manage multiple assignments concurrently.
  • Strong questioning attitude and attention to detail
  • Strong analytical and problem-solving skills.
  • Strong interpersonal and conflict resolution skills.
  • Ability to mentor others
  • Ability to learn and work in a variety of portals, software, and databases.
  • Proficient with Microsoft Office Suite or related software.
    • Create a job alert for this search

    Cip Analyst • New York, NY, US