Cyber Security Compliance Analyst (NERC CIP Compliance)
- Onsite, fully-equipped gym facilities
- Fleet cars for use by staff for local business travel
- Employee rewards, health and financial wellness programs
- Volunteer days and opportunities to participate in community events
- Culture of respect, commitment and camaraderie
The cyber security compliance analyst is responsible for providing oversight, implementation guidance, document maintenance, and tactical direction to Platte River’s business units complying with North American Electric Reliability Corporation (NERC) CIP requirements. This individual participates in enterprise-wide CIP documentation drafting, conducts internal audits and spot checks, conducts CIP status meetings, leads CIP implementation project teams, participates in standards drafting, oversees compliance task completion and evidence creation to ensure successful CIP compliance implementation is met across all applicable business units.
The position resides within SCADA Services at Platte River's headquarters in Fort Collins and provides CIP support to the entire organization.
Essential duties and responsibilities
- Responsible for coordinating all efforts associates with preparation of regulatory documents for submissions. Provides compliance technical oversight to CIP activities companywide.
- Serves as subject matter expert and guides staff with the implementation of CIP processes, procedures, and evidence creation.
- Maintains and participates in drafting CIP standard operating procedures, policies, workplan instructions, and document forms.
- Monitors and tracks all NERC CIP compliance activities using compliance management software.
- Interpret regulatory rules or rule changes and ensure that changes are communicated through company policies and procedures.
- Supports all phases of NERC CIP reliability audit activities, which includes responses to self-certifications, spot checks, and annual audit activities.
- Responsible for preparation and drafting of additional information, documents, or responses requested by NERC, WECC, or other agencies.
- Collects responses from NERC and provides input on process improvements.
- Perform investigative actions utilizing security and network management applications to manage information protection security controls.
- Conducts internal audits, spot checks, and risk analysis to mitigate potential non-compliance issues.
- Creates, updates, and provides training to staff to ensure they are trained on compliance related topics, policies, or procedures.
- Coordinates and leads CIP compliance status meetings to communicate compliance requirements.
- Works safely and demonstrates safe work practices.
- Attends conferences and workshops associated with CIP requirements to proactively engage in training to maintain current knowledge of existing and emerging regulations and standards.
- Maintains relationships with NERC, WECC and other compliance and utility industry personnel.
- Performs other duties as assigned.
Knowledge, skills and abilities
The following are required:
- Demonstrated ability to analyze, draw conclusions and devise solutions to complex problems.
- Strong computer and networking skills.
- Knowledge of bulk electric system concepts.
- Knowledge of power system operations concepts.
- Thorough understanding of NERC CIP regulation standards.
- Thorough understanding of cyber security concepts.
- Ability to interpreted CIP requirements and create required processes, plans or procedures.
- Effective written and verbal communication and evidence documentation skills.
- Ability to work with people having varying technical skill levels.
- Ability to manage projects and time effectively to meet strict regulatory deadliness.
- Ability to follow processes and procedures.
The following are preferred:
- Knowledge of generally accepted government accounting standards.
Education, licenses and certifications
- Bachelor’s degree in Computer Science, Information Systems/Technology, Engineering, Cyber Security, or equivalent
- Cyber security related certifications
- Current valid driver’s license and ability to remain insurable under Platte River’s vehicle liability policy
Required work experience
- 3 years of experience configuring, maintaining, and troubleshooting any of the following: SCADA/EMS, digital control systems (DCS), networks or server infrastructure.
- 3 years of experience designing, configuring, and maintaining cyber security controls.
Preferred work experience
- 5 years experience configuring, maintaining, and troubleshooting SCADA/EMS, digital control systems (DCS), networks or server infrastructure.
- 5 years experience designing, configuring and maintaining cyber security controls.
- Experience implementing NERC CIP standards including documenting processes, participating in audits as an SME and leading compliance initiatives.
While performing the duties of this job, the employee is required to frequently sit, stand, and walk. The following are approximate requirements and % of time:
- Sitting: 30%
- Standing: 5%
- Walking 30%
- Lifting up to 30 lbs. 5%
- Travel: 5% for conferences and trainings
Bi-weekly salary range for position: $3,738.92 - $5,140.92 (placement DOQ)
(range if annualized: $97,212 - $133,664)
Platte River Power Authority offers employees an outstanding benefits package. Benefits offered for this position may include the following:
- Health insurance options including a PPO and high deductible health savings account with prescription drug coverage
- Benefit advocacy
- Dental insurance
- Vision insurance
- Flexible spending plan
- Basic life insurance
- Basic accidental death and disability
- Dependent life and supplemental life insurance options (voluntary)
- Accidental death and disability insurance (voluntary)
- Long-term disability insurance
- Retirement plans 401a defined contribution plan 457b deferred compensation plan
- Paid holidays (12 annually)
- Paid time off: personal and sick leave
- Wellness program
- In-house training opportunities
- Tuition reimbursement
- Employee assistance program
For additional information, please see our website careers page at: https://www.prpa.org/careers/benefits/
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Platte River endeavors to make our careers site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please call us at 970-229-5323 or email firstname.lastname@example.org.
Must be legally eligible to work in the United States. Platte River cannot provide employment to applicants who will require sponsorship now or in the future (i.e. H1B visa, OPT status).
- Pay Type Salary