NERC CIP or SENIOR NERC CIP COMPLIANCE SPECIALIST

Tampa, FL, US

Seminole Electric Cooperative, Inc.

View all jobs at Seminole Electric Cooperative, Inc.

Apply now Apply later

***The successful applicant will join a small team of regulatory compliance (RGC) professionals responsible for the development, implementation, monitoring, and management of Seminole’s North American Electric Reliability Corporation (NERC) compliance program. Seminole’s RGC-NERC teams (both O&P and CIP) directly report to a NERC Compliance Manager and indirectly report to the Director of Regulatory Compliance and/or our General Counsel. As detailed below, the open position is seeking CIP Standards experience and/or expertise.***  

***THIS POSITION MAY BE FILLED AT EITHER A SPECIALIST OR SENIOR SPECIALIST LEVEL DEPENDING ON THE QUALIFICATIONS AND EXPERIENCE OF THE CANDIDATE.***


Position Summary Description 

The position is responsible for the development, implementation, monitoring, and management of Seminole’s North American Electric Reliability Corporation (NERC) compliance program. This role executes specific tasks, prepares or reviews evidence showing compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards, coordinates compliance activities, and provides guidance to Subject Matter Experts (SMEs). Implements systematic continuous improvements of compliance policies, procedures, training materials, and asset lists.  Maintains knowledge of current and future regulatory requirements and assesses their impact on Seminole.


Essential Functions 

  • Guides SMEs in the development and implementation of compliance processes and procedures.
  • Develops internal processes and controls to achieve and sustain compliance with all applicable NERC Reliability Standards, FERC Standards of Conduct, and market manipulation training requirements.
  • Completes internal activities relating to initiation and implementation of program changes.
  • Assists in the development and maintenance of relevant training materials for compliance program.
  • Provides training and direction to personnel in order to maintain an environment of continuous improvement.
  • Coordinates:
    • the non-compliance process to document non-compliance to NERC standards, coordinates the evaluation of each occurrence, and tracks the implementation of corrective action
    • regulatory audit preparation activities to include preparation, critique and validation of reliability standard audit worksheets (RSAW's) and periodic updates
    • all on and off-site activities for self-certifications, audits, and cyber vulnerability assessments through the collection of documents and evidence and interaction with regulatory personnel
    • response and action items required to ensure audit and cyber vulnerability assessment findings, and non-compliance suspense dates and required regulatory submittals are met
    • the storage of required NERC compliance documentation and evidence to ensure the material is available and follows BES Cyber System Information requirements
    • balloting reviews for new and revised NERC Reliability Standards
  • Presents updates to leadership on the status of programs, plans, reports, and related documents.
  • Establishes and maintains effective relationships with local industry, regional entities and internal stakeholders to allow for effective achievement of business goals and compliance with program requirements.
  • Monitors NERC Reliability Standards as well as SERC Compliance Monitoring and Enforcement Program (CMEP), to ensure Seminole remains in compliance with regulatory requirements.
  • Participates in the NERC Standards Development Process as necessary to ensure Seminole’s interests are addressed when existing standards are revised or new standards are proposed.
  • Reviews correspondence from NERC, SERC, and industry groups to gain understanding of compliance program and appropriate electric utility industry regulatory requirements.
  • Performs NERC Compliance Program roles if/as designated in Seminole’s Standard Ownership Matrix (SOM) including ongoing evidence retention in “audit-ready” form as applicable and directed.  You should also be familiar with Seminole’s Enterprise Internal Compliance Program (ENT-GCD-RGC-EP-054) to further your understanding of Seminole’s compliance program and the context of your duties and responsibilities attendant to your designation in the SOM.
  • Performs other duties as applicable to the position or as assigned.

 

Qualifications and Education Requirements 

Bachelor's degree in Computer or Information Sciences, Cyber Security, Electrical Engineering, Mechanical Engineering, Business Administration, Process Management, Auditing, or Risk Management.   Alternative degrees in combination with specialized experience and/or certifications may be considered.

Desire two (2) - four (4) to six (6) years' experience in a combination of the following:

  • NERC CIP Compliance
  • Information Technology (IT), Cyber Security or comparable experience with emphasis on  technical and security domains
  • Auditing or Risk Management
  • Electric Utilities experience subject to NERC Standards

Core Competencies: Adaptable, Collaborative, Conscientious, Critical-Thinking, Outcome-Driven and Professional

Technical Competencies/Skills

  • Demonstrated experience or Sufficient Knowledge of:
    • NERC CIP Reliability Standards
    • auditing procedures and risk management
    • change management, incident reporting and response planning
    • developing, implementing, and maintaining processes, procedures, and evidence 
    • business continuity processes and disaster recovery
    • basic enterprise cyber security principles
    • system operator protocols
    • Transmission, Generation, Distribution, or Energy Management Systems
  • Proficiency with Microsoft Office applications

 Soft Competencies/Skills

  • Effective communication and technical writing skills
  • Ability to:
    • manage multiple priorities to meet multiple deadlines
    • direct program work and lead cross-functional team efforts as necessary
    • interpret data and produce informative reports
    • assist with related projects as needed
  • Be self-directed, originate new ideas, and able to present methods to others

Physical Requirements

Must be able to follow established protective measures including wearing required personal protective equipment (PPE).  Must have a valid driver’s license and be able to maintain an acceptable motor vehicle report.  Must be able to lift 25 pounds if needed.

 

Working Conditions

Some travel and work outside of normal business hours. While working in certain areas of generating plants there is the potential for exposure to hazards typical of an industrial working environment.  

 

Disclaimer - Management may modify this job description at any time and may require the performance of additional duties, or modification of physical requirements, with or without advance notice.”

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Compliance Jobs

Tags: Audits Compliance Driver’s license Industrial Monitoring NERC CIP Risk management

Perks/benefits: Career development

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.