Jobs · Information Technology

NERC CIP Virtualization Consultant

Dragonfli Group · Washington, DC · 1 wk ago
RemoteRemoteInformation TechnologyFull-time

Responsibilities

  • Review and update existing NERC CIP policies and procedures to reflect virtualization requirements under NERC Project 2016-02
  • Develop new documentation for in-scope BES Cyber Systems across all project phases including design, build, and delivery
  • Document technical and procedural requirements for virtualized environments supporting critical infrastructure
  • Develop testing and evidence collection strategies to support CIP compliance audits
  • Update Management Model documentation to reflect changes in processes and procedures
  • Conduct awareness and education sessions to drive organizational understanding of CIP virtualization changes
  • Leverage assessment tools such as Tripwire or AssurX to support gap analysis and ongoing compliance monitoring
  • Collaborate with internal stakeholders across IT, OT, and compliance functions to socialize policy changes
  • Serve as a subject matter expert on NERC CIP standards, providing technical and regulatory guidance to project teams
  • Support engagement planning, analysis, and stakeholder coordination throughout all project phases

Requirements

  • Must-Have:
    • 5+ years of experience with NERC Critical Infrastructure Protection (CIP) standards in an energy, utilities, or electric reliability context
    • Demonstrated experience with virtualization technologies (e.g., VMware, Hyper-V, or equivalent) as applied to OT/ICS or BES Cyber Systems
    • Experience developing, updating, and implementing cybersecurity policies and procedures in a regulated utility or energy environment
    • Familiarity with NERC Project 2016-02 (Modifications to CIP Standards) and the regulatory context for CIP virtualization
    • Ability to communicate complex technical and regulatory concepts to non-technical stakeholders
    • Experience conducting or supporting NERC CIP compliance assessments, audits, or gap analyses
    • Proficiency producing professional deliverables in Microsoft Word, PowerPoint, and Excel
    • U.S. Citizenship or Permanent Residency (required per contract)
    • Ability to work within the continental United States for the duration of the engagement
  • Preferred / Nice-to-Have:
    • Experience with Tripwire Enterprise or AssurX Quality Management/Regulatory Compliance software in a NERC CIP context
    • Prior consulting or subcontracting experience in a multi-stakeholder energy sector engagement
    • NERC CIP certification or formal NERC compliance training (e.g., through SERC, WECC, or NERC University)
    • Familiarity with the BES Cyber System categorization process and associated protection requirements
    • Experience with evidence collection and audit readiness for NERC CIP regional entity reviews
    • Working knowledge of OT/SCADA environments and their intersection with CIP virtualization standards
    • Prior experience transitioning from short-term compliance engagements to long-term regulatory support roles

Skills

  • Technical Skills:
    • NERC CIP Standards (CIP-002 through CIP-014, with focus on virtualization-applicable standards)
    • Virtualization technologies: VMware vSphere, Hyper-V, or equivalent hypervisor platforms
    • OT/ICS and BES Cyber System environments
    • Policy and procedure development for regulatory compliance
    • Cybersecurity assessment and gap analysis methodologies
    • Tripwire Enterprise (file integrity monitoring and configuration management)
    • AssurX quality management and regulatory compliance tracking
    • Evidence collection and audit documentation for NERC CIP
  • Soft Skills:
    • Ability to socialize complex compliance changes across technical and non-technical stakeholder groups
    • Strong written communication skills for producing regulatory-quality documentation
    • Organizational awareness — ability to navigate large, matrixed utility organizations
    • Self-directed with the discipline to manage deliverables in a remote-first environment
    • Collaborative approach to cross-functional policy development and implementation
    • Adaptability to transition from short-term compliance delivery to a long-term program support role

Similar jobs

Virtual Consultant

Dynamic EcoHomeRichardson, TX· 2 wk ago
Consulting$120k–$200k/yrapply on ats.rippling.com

Virtual Consultant

Nuvant Consulting GroupSacramento, CA· 1 mo ago
RemoteEducationapply on app.jazz.co

Virtualization-Savvy CNO Developer

Spry Squared, Inc. - Cybersecurity and Managed IT ServicesFort Meade, MD· 3 mo ago
Information Technology$150k–$300k/yrapply on careers-page.com