Senior Critical Infrastructure Protection Compliance (CIP) Advisor

Why Work Here?

Great Opportunities. Great People. 

One Company, Infinite Possibilities. 

Employees at ATCO are offered endless variety. We are entrepreneurial with a large degree of autonomy and freedom, experiencing new situations and learning opportunities every day. Internal advancement is commonplace, and we are always supported in our career journey. We believe in creating a workplace where you can thrive professionally while contributing to something greater and serving our communities.

About the Role:

The Senior Critical Infrastructure Protection (CIP) Compliance Advisor is responsible for ensuring ATCO’s compliance with current and future Alberta Reliability Standards (ARS) CIP standards. 

The role will ensure compliance by supporting the development, implementation and maintenance of compliance-related documentation, supporting CIP projects and audit activities, and reporting of compliance activities in support of ATCO’s CIP compliance program. The position acts as a subject matter expert, in both CIP project and operational capacities, for the delivery of CIP compliance governance, oversight and monitoring related services and functions.

The Senior CIP Compliance Advisor is required to investigate, analyze, and prepare dispositions on suspected contraventions of CIP Standards in preparation for reporting to the Alberta Electric System Operator (AESO). This position is to provide technical expertise in cybersecurity and CIP compliance matters, while working collaboratively with both internal and external teams to ATCO Electric, registered entities, and regulators to support the reliability and security of Alberta’s bulk electric system.

What You Get to Do:

• Lead initiatives to identify, develop, and coordinate recommended improvements to the CIP Compliance Program and associated processes, procedures, etc. and provide implementation guidance and compliance support
• Provide CIP subject matter expertise and implement guidelines for physical security engineering standards
• Lead the development, execution, and maintenance of CIP Compliance process documentation as it relates to NERC CIP standards (AESO ARS CIP Standards)
• Provide guidance on enhancement opportunities in the development of internal control and change management processes in collaboration with internal SMEs 
• Ensure ongoing compliance with existing, new and upcoming applicable ARS CIP standards, and support in the implementation of compliance software tools
• Lead and support investigation, documentation and monitoring of compliance self-reports and mitigation plan actions
• Assist with overseeing the team in the development, collection, and review of compliance evidence to ensure accurate and timely completion, including proactive self-certifications, where applicable.
• Ensure data consistency and initiate data cleanup measures as needed
• Monitor and assist with compliance controls, monitoring solutions and reports
• Conduct analysis of compliance risks and issues when necessary and develop recommendations to address them accordingly
• Lead and coordinate in preparing all reporting to both internal as well as external regulatory agencies
• Support the development and ongoing maintenance of CIP compliance KPI’s and assist with ongoing enhancements and aligning service improvements with KPI’s
• Proactively monitor and stay up to date on evolving ARS CIP standards, regulatory changes, and industry best practices.
• Lead and manage CIP audit activities and gap assessments to identify and address any areas of non-compliance
• Partner with stakeholders across the organization to foster a compliance-focused culture.
• Mentor and support junior team members, providing expert guidance and coaching
• Serve as the CIP Compliance subject matter expert, providing comprehensive support and guidance to stakeholders on ARS CIP requirements and best practices
• Ensure leadership is continually informed by providing summaries of audit activities and regulatory decisions related to compliance matters
• Monitor and respond as appropriate to the AUC’s requests for stakeholder input on AESO submitted Alberta Reliability Standards (ARS), rules, etc. 
• Where required, monitor and provide feedback on the development of and revisions to the North American Electric Reliability Corporation (NERC) Reliability Standards and the Western Electricity Coordinating Council (WECC) Reliability Standards

What You Bring: 

• Bachelor’s degree in computer science, Cybersecurity, Information Systems Technology, Information Systems Security, or Electrical Engineering. Equivalencies combined with experience may be considered.
• 8 to 10 years of delivering successful CIP Compliance services, including the understanding of cybersecurity management frameworks
• Extensive knowledge of Third-Party and cybersecurity risk assessment management methodologies and frameworks
• 5-7 years of related experience in a Utility or Energy Company
• Knowledge around Protection and Control, Automation and SCADA, Networking, Infrastructure, telecontrol, and other instrumentation substation assets
• Strong knowledge of NERC CIP Standards and/or Alberta ARS CIP Standards 
• CISA designation 
• Excellent verbal and written communication skills
• Excellent organizational skills and attention to detail
• Strong analytical and problem-solving skills
• Strong interpersonal and conflict resolution skills
• Strong critical thinking skills with the ability to identify and solve complex problems with limited managerial oversite
• High ethical standards and a commitment to maintaining the confidentiality and integrity of sensitive information
• Proficient with Microsoft Office 365 Suite and compliance-related software
• GCIP, CISSP, and/or CRISC preferred
• Prior auditing experience preferred

What We Offer:

• A culture based on caring, integrity, agility, collaboration, and striving for excellence
• Competitive compensation
• Flex benefits
• Tuition assistance program
• Training and mentorship programs
• Charitable donation matching

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.   

ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com. ATCO is proud to be an equal opportunity employer. Visit our website for more information.

In the spirit of reconciliation, we acknowledge the traditional territories and homelands on which many of our ATCO operations and facilities are located. We honour and respect the diverse history, languages, ceremonies, and culture of the Indigenous Peoples who call these areas home.