PortlandMERecruiter Since 2001
the smart solution for Portland jobs

ICT NERC Compliance Program Manager

Location: Andover
Posted on: November 5, 2024

Job Description:

This position reports directly to the Director of ICT, and is responsible for leading the design, testing and implementation of the NERC Compliance Program


The Program includes driving adherence to NERC V5 Standards, Critical Infrastructure, Reliability Assessment and Performance Analysis, Reliability Risk Management, Compliance & Enforcement and System Operator Training and Certification


Responsible for providing leadership for company-wide NERC-CIP related projects including potential self-reports, mitigation plans, self-certifications, compliance audits and annual Critical Asset / Critical Cyber Asset Identifications.


Manage NERC compliance reporting, regional transmission organization compliance / operational surveys and the development of new procedures and processes, working with company's business organizations, to enhance the NERC Compliance Program and comply with new regulatory requirements


General Job Description


The Program Manager, NERC Compliance is responsible for leading the design, testing and implementation of a company-wide NERC Compliance Program. In this role, the ICT NERC-CIP Program Manager is accountable for compliance monitoring and tracking, compliance procedure and policy development, audit preparation and involvement, compliance self-certifications, responding to data requests and NERC Alerts and other NERC activities related to asset registration. This position will also oversee the interpretation, execution, documentation and reporting of NERC and Regional Reliably Standards and Critical Infrastructure Protection (CIP) Standards. Be the subject matter expert for all applicable NERC and Regional Reliability Standards. Monitor and track NERC compliance through the performance of annual internal compliance audits at the registered assets.



Typical Responsibilities include:


Strategic planning for the operation and administration of the ICT Security environment


Manage IT Security projects and ensure a robust IT Security environment is maintained and new technology is implemented that supports enterprise security initiatives


Understand NIST 800 security framework and a variety of COTS security systems


Develop project requirements, statements of work (SOW), request for proposals (RFP), and negotiate contracts


Perform problem management/resolution of complex network and security issues


Develop, communicate, and maintain policies, procedures and standards to support organizational needs


Develop and perform Security Awareness Training within the organization


Subject Matter Expert (SME) for organizational NERC V3 / V5 (CIP's 002-011) needs


Manage, coordinate, execute, and remediate annual NERC Cyber Vulnerability Assessment requirements across departments


Member of NERC organizational team responsible for compliance program


Conduct internal cyber security audits and drive compliance for internal and external audits


Utilize process management and improvement through ITIL and ITSM (IT Service Management) efforts


Support security event correlation and reporting, content filtering, intrusion detection and prevention, firewall management, vulnerability assessment, network access control and remote access


Collaborate with network, server and application administrators, technology support center personnel and other security professionals to enhance and improve security processes and documentation


Qualifications


Bachelor Degree in Information Technology, Business, Engineering or related discipline, or an equivalent combination of education, training, and experience.


Must have three or more years of NERC compliance experience including experience developing and managing compliance policy, procedures and programs


Typically possesses seven or more years of experience in organizational programs or contract management.


Demonstrated experience working with NERC and the Critical Infrastructure Protection (CIP) Standards CIP-002 through CIP-009.


Demonstrated experience monitoring NERC compliance activities and reporting status to senior management.


Demonstrated experience developing business policies, procedures and processes that ensure auditable compliance with NERC Standards.


Demonstrated experience developing reports or testimony demonstrating compliance with the NERC compliance requirements.


Demonstrated experience identifying and evaluating modifications to internal controls, processes and/or systems, and consulting with senior and executive management regarding related recommendations.


Demonstrated strong problem solving, strategic thinking and decision making skills and ability to analyze complex regulatory or business issues or problems.


Demonstrated experience managing and implementing medium to large multidisciplinary projects and cross functional teams, developing and executing plans, meeting critical deadlines, operating under rigid time constraints, monitoring and reporting project status, and coordinating activities to ensure timely delivery.


Demonstrated experience with FERC, NERC, SPP, WECC and/or CAISO.


Demonstrated ability to interface effectively with clients, peers, contractors, regulatory agencies and all levels of management to develop solutions and ensure stakeholder buy-in.


Demonstrated ability to accurately analyze information, integrate people processes, systems, and technologies, and make strategic decisions regarding project scope, impact, policy, development, and implementation.


Demonstrated ability to follow Edison safety protocols and safe work practices.


Demonstrated proficiency with Lotus Notes, Microsoft Word, Excel, Power Point, Project and Visio.


Must demonstrate the ability to integrate work across relevant areas, develop the business and services to enhance customer satisfaction and productivity, manage risks appropriately, develop and execute business plans, manage information, and provide exceptional service to internal and external customers.


Must demonstrate effective resource and project planning, decision making, results delivery, team building, and the ability to stay current with relevant technology and innovation.


Must demonstrate strong ethics, influence and negotiation, leadership, interpersonal skills, communication, and the ability to effectively manage stress and engage in continuous learning.

Keywords: , Portland , ICT NERC Compliance Program Manager, IT / Software / Systems , Andover, Maine

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Maine jobs by following @recnetME on Twitter!

Portland RSS job feeds