NERC CIP Compliance Senior Technical Auditor
The AES Corporation · Salt Lake City, UT · 4 mo ago
Management$100k–$125k/yrFull-time
Qualifications
AES Clean Energy is seeking a highly technical NERC CIP Compliance Senior Technical Auditor to provide leadership, independent oversight, and expert guidance in maintaining continuous compliance with the NERC CIP Standards that support the reliable operation of the Bulk Electric System. This role requires a strong technical foundation in cybersecurity, operational technology, and control system environments, along with the ability to perform detailed technical assessments, validate complex security controls, and interpret technical evidence with precision.
Primary Duties And Responsibilities
- Demonstrate deep expertise in applicable NERC CIP Standards (CIP-002 through CIP-014).
- Maintain strong technical knowledge of NERC compliance monitoring and enforcement processes.
- Clearly and concisely communicate NERC compliance requirements, standards, and expectations to Subject Matter Experts (SMEs).
- Conduct periodic internal compliance assessments and spot checks to verify adherence to applicable Standards.
- Monitor updates to new and existing CIP Standards, and coordinate comments from internal SMEs for industry commenting and balloting activities.
- Support legal and project management teams by defining scopes of service for third-party contractors and reviewing contract changes for alignment with NERC Standards.
- Participate in evaluating potential compliance concerns as a member of the NERC compliance team.
- Collaborate with IT and OT teams to identify, recommend, and implement technologies that automate and streamline compliance monitoring and reporting processes.
- Apply knowledge of NERC monitoring and enforcement processes to develop solutions and recommendations for compliance issues.
- Serve as a liaison between NERC Compliance and internal stakeholders on all compliance related matters.
- Engage in industry focus groups and conferences to remain informed about evolving NERC compliance expectations and best practices.
- Lead responses to regulatory requests, enforcement actions, and data reporting obligations from a NERC CIP perspective.
Skills And Experience
- Bachelor’s degree in Computer Science, Information Systems/Security, Computer or Systems Engineering, or a related technical field, with 6-10 years of NERC CIP experience demonstrating ability to perform required responsibilities.
- Fundamental knowledge of information technology, cybersecurity, operations technology, networking systems, and/or EMS operations.
- Experience participating in IT audits and implementing or overseeing security and internal controls.
- Strong leadership, interpersonal, analytical, and time management skills.
- Prior experience with Industrial Control Systems (ICS).
- Excellent verbal and written communication skills.
- Ability to manage, prioritize, and execute multiple priorities and projects in a dynamic environment.
- Hands-on experience supporting or monitoring a NERC CIP compliance program.
- Highly motivated self-starter with a strong desire to take on new challenges.
- Previous CIP and GO/GOP/TO/TOP compliance experience including monitoring, training, and audit support.
- Exceptional attention to detail and commitment to fostering a culture of compliance.
- Strong project management capabilities.
- Proficiency with Microsoft Word, Excel, PowerPoint, and SharePoint.
- Ability to apply one or more risk management frameworks (preferred but not required).