Associate NERC CIP Cybersecurity Auditing Engineer Analyst

  1. Permanent
BBBH153772
  1. United States
  2. SMART Grid, SMART Metering, ERP, SAP - ERP, Electricity, Gas, Water, T&D, Telecoms, Corporate
Negotiable
Date posted01/01/0001


Background
Northeast Power Coordinating Council, Inc. (NPCC) is a not-for-profit corporation responsible for promoting and improving the reliability of the international, interconnected bulk electricity systems in Northeastern North America. NPCC operates as a Regional Entity under a delegation agreement from the North American Electric Reliability Corporation (NERC) with the responsibilities to develop, monitor, assess, mitigate, and enforce mandatory reliability standards. More information about NPCC can be found on its website at: https://www.npcc.org.
Position Overview
The Associate NERC Cybersecurity Auditing Engineer/Analyst participates in making determinations of compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards. This position analyzes the evidence provided by the registered entity during CIP compliance audits to become reasonably assured of the entity's full compliance while at the same time also performing an assessment of the entity's internal controls. The compliance audits of registered entities are performed under the NERC Rules of Procedure and the NERC Compliance Monitoring and Enforcement Program (CMEP).
Essential Duties and Responsibilities
* Evaluate evidence to determine whether audited entities are in compliance with applicable NERC CIP Standards.
* Review the facts and circumstances of each noncompliance to provide input on initial root cause and risk to the bulk power system.
* Participate in the assessment of audited entities internal controls during audits and evidentiary review periods.
* Create evidentiary record to ensure there is sufficient documentation to support NPCC's compliance determination and that a complete and final record exists.
* Provide training, education, and communications to NPCC staff and industry stakeholders. This includes presentations at workshops, webinars, and to NPCC committees and subcommittees.
* Maintain the confidentiality of evidence, findings, reports, and any other records.
Qualifications
* A Bachelor of Science Degree in Computer Science, Information Systems, Electrical Engineering or equivalent combination of education and electric utility industry experience.
* Minimum of three (3) to five (5) years of relevant electric utility industry experience in any combination of the following:
o Supporting compliance with the NERC CIP standards.
o Providing technical support for industrial control systems such as SCADA/EMS.
o Designing, implementing and/or supporting security controls for industrial control systems such as SCADA/EMS.
* Strong knowledge of information security concepts and practices.
* Strong knowledge of the NERC CIP standards.
* Strong knowledge of networking infrastructure.
* Working knowledge of electric utility operations.
* CISSP in good standing preferred
* CISA in good standing preferred
* Preferred: Ability to communicate fluently in French on all electric power system technical issues.
* Background check results consistent with the protection of critical energy infrastructure information and satisfactory to NPCC, Inc.
* Candidates without experience in the electric utility industry industrial control systems will not be considered.
Location and Benefits
This position is located at NPCC's offices in New York, NY. NPCC offers a competitive compensation program to attract and retain bright and motivated employees. The position is eligible for a benefits package that includes medical, dental, life insurance, short-term and long-term disability, 401(k) plan, and paid personal time.
Equal Opportunity
NPCC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual's actual or perceived disability, protected veteran status, race, color, sex, age, national origin, religion, sexual orientation, gender, gender identity, gender expression, genetic information, marital status, citizenship, domestic violence victim status, or any other federal, state or local protected class.
Additional Information
* Position requires travel within the U.S. and outside of the U.S. to Canada
* Approximate start date: September 2019
If your qualifications and experience match, please send a cover letter and resume by July 22, 2019 to be considered.

Spencer Ogden is acting as an Employment Agency in relation to this vacancy.


Background
Northeast Power Coordinating Council, Inc. (NPCC) is a not-for-profit corporation responsible for promoting and improving the reliability of the international, interconnected bulk electricity systems in Northeastern North America. NPCC operates as a Regional Entity under a delegation agreement from the North American Electric Reliability Corporation (NERC) with the responsibilities to develop, monitor, assess, mitigate, and enforce mandatory reliability standards. More information about NPCC can be found on its website at: https://www.npcc.org.
Position Overview
The Associate NERC Cybersecurity Auditing Engineer/Analyst participates in making determinations of compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards. This position analyzes the evidence provided by the registered entity during CIP compliance audits to become reasonably assured of the entity's full compliance while at the same time also performing an assessment of the entity's internal controls. The compliance audits of registered entities are performed under the NERC Rules of Procedure and the NERC Compliance Monitoring and Enforcement Program (CMEP).
Essential Duties and Responsibilities
* Evaluate evidence to determine whether audited entities are in compliance with applicable NERC CIP Standards.
* Review the facts and circumstances of each noncompliance to provide input on initial root cause and risk to the bulk power system.
* Participate in the assessment of audited entities internal controls during audits and evidentiary review periods.
* Create evidentiary record to ensure there is sufficient documentation to support NPCC's compliance determination and that a complete and final record exists.
* Provide training, education, and communications to NPCC staff and industry stakeholders. This includes presentations at workshops, webinars, and to NPCC committees and subcommittees.
* Maintain the confidentiality of evidence, findings, reports, and any other records.
Qualifications
* A Bachelor of Science Degree in Computer Science, Information Systems, Electrical Engineering or equivalent combination of education and electric utility industry experience.
* Minimum of three (3) to five (5) years of relevant electric utility industry experience in any combination of the following:
o Supporting compliance with the NERC CIP standards.
o Providing technical support for industrial control systems such as SCADA/EMS.
o Designing, implementing and/or supporting security controls for industrial control systems such as SCADA/EMS.
* Strong knowledge of information security concepts and practices.
* Strong knowledge of the NERC CIP standards.
* Strong knowledge of networking infrastructure.
* Working knowledge of electric utility operations.
* CISSP in good standing preferred
* CISA in good standing preferred
* Preferred: Ability to communicate fluently in French on all electric power system technical issues.
* Background check results consistent with the protection of critical energy infrastructure information and satisfactory to NPCC, Inc.
* Candidates without experience in the electric utility industry industrial control systems will not be considered.
Location and Benefits
This position is located at NPCC's offices in New York, NY. NPCC offers a competitive compensation program to attract and retain bright and motivated employees. The position is eligible for a benefits package that includes medical, dental, life insurance, short-term and long-term disability, 401(k) plan, and paid personal time.
Equal Opportunity
NPCC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual's actual or perceived disability, protected veteran status, race, color, sex, age, national origin, religion, sexual orientation, gender, gender identity, gender expression, genetic information, marital status, citizenship, domestic violence victim status, or any other federal, state or local protected class.
Additional Information
* Position requires travel within the U.S. and outside of the U.S. to Canada
* Approximate start date: September 2019
If your qualifications and experience match, please send a cover letter and resume by July 22, 2019 to be considered.

Spencer Ogden is acting as an Employment Agency in relation to this vacancy.

Related jobs

Salary

Negotiable

Options: Permanent
Location

Manhattan, New York

Description

The Senior Full Stack Engineer is responsible for both front end and backend development tasks, including database tasks.

Salary

Negotiable

Options: Permanent
Location

Manhattan, New York

Description

· Support mission critical applications by directing hardware/software patching, trouble shooting, remediating issues, optimizing system performance

Salary

Negotiable

Options: Permanent
Location

Manhattan, New York

Description

The Senior Full Stack Engineer is responsible for both front end and backend development tasks, including database tasks.