SENIOR NERC CIP COMPLIANCE SPECIALIST
Seminole Electric Cooperative, Inc. · Tampa, FL · 1 mo ago
HybridAccountingFull-time
Position Summary
The position is responsible for the development, implementation, monitoring, and management of Seminole’s North American Electric Reliability Corporation (NERC) compliance program. This role executes specific tasks, prepares or reviews evidence showing compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards, coordinates compliance activities, and provides guidance to Subject Matter Experts (SMEs).
Essential Functions
- Guides SMEs in the development and implementation of compliance processes and procedures.
- Develops internal processes and controls to achieve and sustain compliance with all applicable NERC Reliability Standards, FERC Standards of Conduct, and market manipulation training requirements.
- Completes internal activities relating to initiation and implementation of program changes.
- Aids in the development and maintenance of relevant training materials for compliance program.
- Provides training and direction to personnel in order to maintain an environment of continuous improvement.
- Oversees, Coordinates, and/or Manages:
- the non-compliance process to document non-compliance to NERC standards, coordinates the evaluation of each occurrence, and tracks the implementation of corrective action
- regulatory audit preparation activities to include preparation, critique and validation of reliability standard audit worksheets (RSAW's) and periodic updates
- all on and off-site activities for self-certifications, audits, and cyber vulnerability assessments through the collection of documents and evidence and interaction with regulatory personnel
- response and action items required to ensure audit and cyber vulnerability assessment findings, and non-compliance suspense dates and required regulatory submittals are met
- the storage of required NERC compliance documentation and evidence to ensure the material is available and follows BES Cyber System Information requirements
- balloting reviews for new and revised NERC Reliability Standards
- Presents updates to leadership on the status of programs, plans, reports, and related documents.
- Establishes and maintains effective relationships with local industry, regional entities and internal stakeholders to allow for effective achievement of business goals and compliance with program requirements.
- Maintains knowledge of current and future regulatory requirements and assesses their impact on Seminole.
- Participates in the NERC Standards Development Process as necessary to ensure Seminole’s interests are addressed when existing standards are revised, or new standards are proposed.
- Reviews correspondence from NERC, SERC, and industry groups to gain understanding of compliance program and appropriate electric utility industry regulatory requirements.
- Performs other duties as applicable to the position or as assigned
Qualifications and Education Requirements
- Bachelor's degree in Computer or Information Sciences, Cyber Security, Electrical Engineering, Mechanical Engineering, Business Administration or Process Management, Auditing, or Risk Management. Alternative degrees in combination with specialized experience and/or certifications may be considered.
- Desire four (4) - six (6) years' experience in two of the following: NERC CIP Compliance, Information Technology (IT), Cyber Security or comparable experience with emphasis on technical and security domains, Auditing or Risk Management, Electric Utilities experience subject to NERC Standards.
Core Competencies
- Adaptable
- Collaborative
- Conscientious
- Critical-Thinking
- Outcome-Driven
- Professional
Technical Competencies/Skills
- Demonstrated experience of sufficient knowledge of: NERC CIP Reliability Standards, auditing procedures and risk management, change management, incident reporting and response planning, developing, implementing, and maintaining processes, procedures, and evidence, business continuity processes and disaster recovery, basic enterprise cyber security principles, system operator protocols, Transmission, Generation, Distribution, or Energy Management Systems, proficiency with Microsoft Office applications
Soft Competencies/Skills
- Effective verbal/nonverbal, listening and written communications
- Proficient writing and presentation skills
- Ability to: multitask and manage multiple priorities to meet multiple deadlines, direct program work and lead cross-functional team efforts as necessary, direct compliance teamwork during absence of Regulatory Compliance Management, interpret data and produce informative reports, initiate projects as required
Physical Requirements
- Must be able to follow established protective measures including wearing required personal protective equipment (PPE).
- Must have a valid driver’s license and be able to maintain an acceptable motor vehicle report.
- Must be able to lift 25 pounds if needed.
Working Conditions
- Some travel and work outside of normal business hours.
- While working in certain areas of the plant there is the potential for exposure to hazards typical of an industrial working environment.