ICT NERC Compliance Program Manager - Andover Massachusetts

Location: Andover, Massachusetts
Posted On: 11/06/2024

This position reports directly to the Director of ICT, and is responsible for leading the design, testing and implementation of the NERC Compliance Program

The Program includes driving adherence to NERC V5 Standards, Critical Infrastructure, Reliability Assessment and Performance Analysis, Reliability Risk Management, Compliance & Enforcement and System Operator Training and Certification

Responsible for providing leadership for company-wide NERC-CIP related projects including potential self-reports, mitigation plans, self-certifications, compliance audits and annual Critical Asset / Critical Cyber Asset Identifications.

Manage NERC compliance reporting, regional transmission organization compliance / operational surveys and the development of new procedures and processes, working with company's business organizations, to enhance the NERC Compliance Program and comply with new regulatory requirements

General Job Description

The Program Manager, NERC Compliance is responsible for leading the design, testing and implementation of a company-wide NERC Compliance Program. In this role, the ICT NERC-CIP Program Manager is accountable for compliance monitoring and tracking, compliance procedure and policy development, audit preparation and involvement, compliance self-certifications, responding to data requests and NERC Alerts and other NERC activities related to asset registration. This position will also oversee the interpretation, execution, documentation and reporting of NERC and Regional Reliably Standards and Critical Infrastructure Protection (CIP) Standards. Be the subject matter expert for all applicable NERC and Regional Reliability Standards. Monitor and track NERC compliance through the performance of annual internal compliance audits at the registered assets.



Typical Responsibilities include:

Strategic planning for the operation and administration of the ICT Security environment

Manage IT Security projects and ensure a robust IT Security environment is maintained and new technology is implemented that supports enterprise security initiatives

Understand NIST 800 security framework and a variety of COTS security systems

Develop project requirements, statements of work (SOW), request for proposals (RFP), and negotiate contracts

Perform problem management/resolution of complex network and security issues

Develop, communicate, and maintain policies, procedures and standards to support organizational needs

Develop and perform Security Awareness Training within the organization

Subject Matter Expert (SME) for organizational NERC V3 / V5 (CIP's 002-011) needs

Manage, coordinate, execute, and remediate annual NERC Cyber Vulnerability Assessment requirements across departments

Member of NERC organizational team responsible for compliance program

Conduct internal cyber security audits and drive compliance for internal and external audits

Utilize process management and improvement through ITIL and ITSM (IT Service Management) efforts

Support security event correlation and reporting, content filtering, intrusion detection and prevention, firewall management, vulnerability assessment, network access control and remote access

Collaborate with network, server and application administrators, technology support center personnel and other security professionals to enhance and improve security processes and documentation

Qualifications

Bachelor Degree in Information Technology, Business, Engineering or related discipline, or an equivalent combination of education, training, and experience.

Must have three or more years of NERC compliance experience including experience developing and managing compliance policy, procedures and programs

Typically possesses seven or more years of experience in organizational programs or contract management.

Demonstrated experience working with NERC and the Critical Infrastructure Protection (CIP) Standards CIP-002 through CIP-009.

Demonstrated experience monitoring NERC compliance activities and reporting status to senior management.

Demonstrated experience developing business policies, procedures and processes that ensure auditable compliance with NERC Standards.

Demonstrated experience developing reports or testimony demonstrating compliance with the NERC compliance requirements.

Demonstrated experience identifying and evaluating modifications to internal controls, processes and/or systems, and consulting with senior and executive management regarding related recommendations.

Demonstrated strong problem solving, strategic thinking and decision making skills and ability to analyze complex regulatory or business issues or problems.

Demonstrated experience managing and implementing medium to large multidisciplinary projects and cross functional teams, developing and executing plans, meeting critical deadlines, operating under rigid time constraints, monitoring and reporting project status, and coordinating activities to ensure timely delivery.

Demonstrated experience with FERC, NERC, SPP, WECC and/or CAISO.

Demonstrated ability to interface effectively with clients, peers, contractors, regulatory agencies and all levels of management to develop solutions and ensure stakeholder buy-in.

Demonstrated ability to accurately analyze information, integrate people processes, systems, and technologies, and make strategic decisions regarding project scope, impact, policy, development, and implementation.

Demonstrated ability to follow Edison safety protocols and safe work practices.

Demonstrated proficiency with Lotus Notes, Microsoft Word, Excel, Power Point, Project and Visio.

Must demonstrate the ability to integrate work across relevant areas, develop the business and services to enhance customer satisfaction and productivity, manage risks appropriately, develop and execute business plans, manage information, and provide exceptional service to internal and external customers.

Must demonstrate effective resource and project planning, decision making, results delivery, team building, and the ability to stay current with relevant technology and innovation.

Must demonstrate strong ethics, influence and negotiation, leadership, interpersonal skills, communication, and the ability to effectively manage stress and engage in continuous learning. More...

Register an account with us and set up job agents! We'll email you immediately when jobs like this are posted on our site.