Sr. CIP Compliance Analyst or CIP Compliance Analyst

No Expiration Date

This posting will remain open until the position is filled. We encourage you to apply early as we will review and consider candidates as they are received.

Hybrid Remote Schedule

This role has the option to be a blend of remote and onsite work if department and business needs allow and with approval from direct supervision. Our hybrid remote work schedule combines three (3) days on premises with up to two (2) days remote.

Key Roles

Will consider Senior CIP Analyst or regular CIP Analyst; however, only Senior requirements are listed as they are the maximum level of skills and experience that would be required.

Senior

This position is part of a team responsible for ensuring EKPC remains compliant with applicable North American Electric Reliability Corporation (NERC) Critical Infrastructure Program (CIP) standards. The role requires extensive knowledge of CIP standards, their purpose in reducing Bulk Electric System risk, identifies and solves complex problems/processes, and analyzes technical evidence.

Key Responsibilities

- Develops and maintains EKPC¿s CIP program, including policies, plans, procedures, and internal controls. Oversees document reviews, communicates changes, develops and reviews internal controls, and tests effectiveness.

- Serves as an expert resource to management and subject matter experts (SMEs), providing clarification, interpretation, technical guidance, advice, and support on meeting the NERC CIP requirements.

- Serves as a SME for CIP administrative requirements, including training development and delivery, PRA initiation, and processing access requests (physical, electronic, and BCSI). Plans, coordinates, and documents meetings for drills and supply chain assessments.

- Monitors standards under development, assesses impact to EKPC, communicates changes, and develops/steers implementation plans.

- Monitors compliance activity due dates and timely completion by SMEs.

- Serve as a primary compliance contact with SERC for CIP matters, ensuring timely completion of self-reports, mitigation plans, RFIs, etc. by SMEs and standard owners.

- Facilitates regulatory engagements, including audits, spot checks, and self-certifications.

- Assists in the administration of SigmaFlow, and other workflow and documentation systems.

- Assists team members in performing technical SME duties when needed.

- Performs periodic, including baseline reviews, access reviews, or privilege reviews, as needed.

- Monitors and collects visitor logs.

- Performs other duties as assigned.

Key Requirements

Education and Certifications / Licenses:

- Bachelor's degree in a related technical field. An equivalent combination of education and experience may substitute.

- Certified Information System Auditor (CISA) preferred.

Experience:

- Seven (7) years of related experience.

- Demonstrated experience in auditing or regulatory compliance required.

Skills and Abilities:

- Thorough knowledge of EKPC and CIP policies and procedures.

- General understanding of computing and network architecture and functionality.

- Thorough knowledge of SigmaFlow compliance management system.

- Proficient knowledge of Microsoft Office suite

- Excellent verbal, written, and listening communication skills.

- Excellent interpersonal skills and the ability to work with staff at all levels of the organization, including external contacts.

- Provides thorough and timely communication to leadership, peers, and stakeholders.

- Ability to balance detail orientation with big-picture understanding.

- Excellent documentation and organization skills.

- Ability to prioritize work, manage time, and adhere to deadlines.

- Ability to work independently and as part of a team.

- Ability to exercise discretion and maintain confidentiality.

Competencies

- Technical/Professional Knowledge and Skills

- Planning and Organizing

- Information Monitoring

- Gaining Commitment

- Communication

Working Conditions

- Usual office conditions apply to this position with occasional lifting up to twenty (20) pounds.

- Occasional work outside normal hours required.

- Some travel within the system and occasional out-of-state, which may be overnight.

- Must maintain valid driver's license.

- Must wear personal protective equipment as appropriate.