SERC Reliability logo
Company Name:
Approximate Salary:
Not Specified
Location:
Charlotte, North Carolina
Country:
United States
Industry:
Other
Position type:
Full Time
Experience level:
2 - 5 years
Education level:
Bachelor's Degree
ID
206421
Job Title:
CIP Compliance Auditor

CIP Compliance Auditor

 

The electric grid is vital to our everyday lives.  It is fundamental for the health, safety, and well-being of our communities, and provides the platform for our economy and our societal and technological advances. SERC’s mission is to reduce risks to the reliability and security of the electric grid (also known as the bulk power system), not only for today but also for the future. 

 

To achieve this mission, we maintain a diverse team of experts across numerous disciplines in order to address the complex, evolving, and dynamic challenges facing the grid. Our team also partners with the best and brightest individuals from both the power industry and the federal government to understand and address the challenges facing the grid. These key partnerships make our work more informed, pragmatic, responsive, and impactful. 

 

The CIP Compliance Auditor coordinates, schedules and leads audit teams in the execution of Compliance Audits, Certifications and Spot-Checks in the SERC Reliability Corporation (SERC) region. The incumbent supports implementation of the Compliance Monitoring and Enforcement Program (CMEP) established by SERC in coordination with the North American Electric Reliability Corporation (NERC), the Electric Reliability Organization (ERO) under the jurisdiction of the Federal Energy Regulatory Commission (FERC).   DUTIES AND RESPONSIBILITIES:

 

  • Develop and refine CIP Auditing / Spot-Check approaches.
  • Develop and refine methods for proper control of CIP related information.
  • Act as CIP Subject Matter Expert and facilitate internal training.
  • Coordinate information gathering and dissemination related to performance of CIP Audits and Spot-Checks.
  • Act as an Audit Team Leader or an audit team member during the CIP Audits and Spot-Checks of entities within the SERC Region. 
  • Participate as a team member in Certification and readiness reviews as assigned.
  • Ensure audit reports are accurate, thorough, and contain sufficient information upon which to base compliant/non-compliant findings.
  • Provide timely notification to the Manager of CIP Monitoring, and Reliability Assessments & Mitigation group of potential non-compliances / possible violations with their risk significance.
  • Provide audit reports to the audit team for comment and to the Manager of CIP Monitoring in a timely manner following audits and in accordance with the Compliance Monitoring and Enforcement Plan.
  • Analyze data related to compliance including routine filings, self-certification statements, self-reports, complaints and other forms and draw logical conclusions relative to non-compliances and possible violations of reliability standards.
  • Comply with SERC policies with regard to anti-trust, independence, conflicts of interest, and confidentiality.
  • Perform other assignments as needed.

 

QUALIFICATIONS AND EXPERIENCE:

 

  • 3-5 years of experience associated with networked systems used in the electric utility industry, or 5 years of experience in securing systems, including both physical and electronic security.
  • Four year and/or higher educational degree in Engineering, Computer Engineering or Computer Science/Technology, or equivalent experience.
  • Certified Information System Auditor (CISA)
  • Certified Information System Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Experience with IT Audit or security controls.
  • Excellent organizational and time management skills.
  • Effective communication skills (face-to-face, telephone, written and email, and presentation skills).
  • Proficient with Microsoft Office, including Word, Excel, and PowerPoint.
  • Ability to work with and analyze information, draw meaningful conclusions, and provide documentation of the results.
  • Demonstrated ability to lead diverse groups of people that comprise the audit teams.
  • Ability to interface between audit teams and upper management of SERC registered entities.
  • Prior experience in business negotiations and have the ability to influence others.
  • Comprehensive and in-depth knowledge of the NERC Critical Infrastructure Protection Standards.
  • Ability to take industry best practices from such organizations as the IIA, ISACA, and apply them to CIP Auditing.

 

SALARY/BENEFITS:

 

The salary range for this position is DOE. We offer a generous PTO package; paid holidays; medical, dental, vision, life, short-term and long-term disability insurance, and a 401(k) plan with an organization match.
Apply for this job

Options

More Jobs Like This