NERC CIP Compliance AnalystColumbia Association, Inc. | Holyoke, MA, 01040, US
Posted a month ago
ISO New England Inc., One Sullivan Road, Holyoke, Massachusetts, United States of America Req #775
Tuesday, February 21, 2023
The CIP and Systems Compliance Operations candidate independently analyzes and performs complex technical compliance and internal control activities in order to meet ISO-NE’s regulatory compliance requirements related to NERC Cyber Infrastructure Protection standards (NERC CIP) and with the Statement on Standards for Attestation Engagements No. 16 (SSAE16) Service Organization Control (SOC1) standard.
Day-to-day activities include analyzing, performing and monitoring compliance activities associated with electronic access controls, account management, patch management, change management, and configuration management. Depending on experience this position has the opportunity to provide clear tactile direction and technical guidance to less experienced staff on departmental processes and procedures to ensure success.
How you will make an Impact
- Work with applicable team members to develop knowledge of the various regulatory requirements and the department's role in ensuring ISO-NE’s compliance with those requirements.
- Provide guidance and assist IT departments with completing moderate to complex compliance activities and forms.
- Perform all assigned CIP compliance activities within the required time frames including updating baselines, investigating & documenting unexpected system configuration changes, investigating & remediating logging issues, performing quarterly and 15-month account reviews.
- Participate in the evidence collection and quality assurance reviews within the assigned time frames.
- Successfully address all compliance related service desk incidents and IT Asset Workflow tickets following appropriate procedures and timelines as documented.
- Perform quality assurance (QA) reviews and validation reviews of CIP-related implementations (processes, procedures, internal controls) and associated evidence to ensure compliance with ISO-NE’s NERC CIP program and process documents.
- Participate in NERC CIP Self Report activities ensuring a timely filing, and carrying out short and long term mitigation plans where appropriate
- Gather data in preparation for audits
What we are looking for
- Bachelor’s Degree in Engineering, Computer Science, Information Security, or related fields or equivalent experience
- 5+ years of experience working with IT infrastructure and software
- 5+ years in compliance, project management, risk management, or document management
- Working knowledge of data center operations and technologies (Windows/Linux/Cisco)
- Working knowledge of basic security and networking concepts including: LAN/WAN, firewalls, routers, switches, VPN, encryption, IDS/IPS sensors.
- Demonstrated understanding of the NERC CIP standard
- Strong to advanced MS office skills, including Word, Excel, Access and SharePoint; experience in building charts and graphics, forms and templates.
- Experience in providing guidance to team members and other work groups in a matrix environment
Clarity of purpose is the starting point for all success. The ISO’s mission, vision, and values define our purpose—these values serve as the cultural cornerstones of theorganization.
Mission: Through collaboration and innovation, ISO New England plans the transmission system, administers the region’s wholesale markets, and operates the power system to ensure reliable and competitively priced wholesale electricity.
Vision: To harness the power of competition and advanced technologies to reliably plan and operate the grid as the region transitions to clean energy.
Values: Expertise, Respect, Innovation, Dependability and Collaboration
What We Offer: Located in Holyoke, MA amid the picturesque Pioneer Valley of Western Massachusetts, our employees get the best of both rural and urban living, enjoying day-to-day local community culture and conveniences with drivable access to big city amenities. Our competitive base salaries, performance-driven bonus incentive offering, as well as a variety of health, wellness, and professional development benefits underscore the value we place in our employees. Beyond our comprehensive medical, dental, and vision plans, we encourage continuous learning through our training and tuition reimbursement programs and support work-life balance with flex hours, hybrid work models for most roles, and paid vacation and holidays. Our benefits strive to fulfill the needs of our employees across life’s stages, with paid parental time off, health and wellness programs, 401k with company match, and a retirement plan. For the convenience of our employees, we offer complimentary access to our onsite fitness center and a cafeteria with free coffee.
COVID-19 Policy: Employee safety and well-being is a priority at ISO New England. To safeguard our teams and the important work they do, ISO New England has a mandatory COVID-19 vaccination policy.
Equal Opportunity : We are proud to be an EEO/AA employer. Applicants for employment are considered without regard to race, creed, color, citizenship, religion, sex, sexual orientation, marital status, national origin, age, disability, status as a veteran, Vietnam Era Veteran, or being a member of the Reserves or National Guard.
Drug Free Environment: We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Social Networking Notice : ISO New England reserves the right to review the candidate's postings on any social networking site accessible in the public domain as part of the candidate assessment process.
- ISO New England Inc., One Sullivan Road, Holyoke, Massachusetts, United States of America