NERC CIP Compliance Analyst

19 Oct 2024

Vacancy expired!

NERC CIP Compliance AnalystWe are seeking an experienced

NERC CIP Compliance Analyst with the responsibility in executing compliance strategies and processes that will help to achieve and maintain compliance with mandated The

North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) cyber security regulations.

Position Responsibilities;
  • Ensure that Organization’ Critical Infrastructure networks are properly being monitored; periodically review system logs in order to identify security incidents.
  • Maintain compliance with

    NERC CIP standards associated with the Organization’

    SCADA Energy Management System (EMS)
  • Assist in the planning and implementation of the NERC CIP compliance work by creating and implementing ongoing, sustainable, and repeatable processes within the EMS Provisioning/Support Department.
  • Lead and participate in auditing activities conducted for compliance verification by NERC, Internal Audit, and other auditing bodies/regulatory agencies.
  • Develop, refine, review and update documentation, processes, procedures, and standards to maintain compliance with

    NERC CIP; develop tools and metrics for periodic reporting. Develop

    NERC CIP compliance assessment and remediation reports.
  • Assist in recommendations, design and implementation of future automated systems, procedures, and methods required for maintaining and streamlining

    NERC CIP compliance.
  • Participate in department and/or cross-functional teams to complete special projects or assignments as requested.
  • Administer and configure users on systems that validate and allow secure access to Critical Infrastructure.

Position Requirements;
  • Over seven (7) years of related professional experience
  • Strong understanding and experience with

    NERC CIP 002-013 standards.
  • Experience in the systems administration skills and operating system experience for

    UNIX and WINTEL (e.g., AIX, Linux, Windows) platforms
  • Experience with enterprise class system security requirements and server hardening practices
  • Comprehensive experience with disaster recovery preparedness and recovery exercises
  • Ability to establish and maintain Windows architecture best practices, including procedures, templates, and relevant documentation
  • As necessary, test and document system changes in an off-line, development environment to ensure compliance with

    NERC Critical Infrastructure Protection regulations.
  • Competency with network security and information security concepts and technologies.
  • Familiarity with the following:
    • Incident management response
    • Risk assessment methodologies
    • Information protection (including information classification)
    • Disaster recovery planning
    • Change management and control
    • Identity and access management
    • Intrusion detection and prevention
  • Experience with Control Systems environment
    • Performance monitoring
    • Active Directory and Group Policy Objects
    • Networking, IP protocols, firewall rules, routers, switches, DNS, and IDS
    • Patch management
    • Backup management
    • Experience with Windows Server Update Services (WSUS)
    • Understanding of TCP/IP and LAN/WAN connectivity
Basic knowledge of Control Center and substation operation is an advantage. No Phone Calls PleasePlease send us your resume in a word file with contact details

  • ID: #21372493
  • State: New York Hicksville 11801 Hicksville USA
  • City: Hicksville
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-10-19
  • Deadline: 2021-12-16
  • Category: Et cetera