ABOUT NPCC
Northeast Power Coordinating Council, Inc. (“NPCC”) is a not-for-profit corporation in the state of New York responsible for promoting and enhancing the reliability of the international, interconnected bulk power system in Northeastern North America. NPCC is one of six Regional Entities which, together with the North American Electric Reliability Corporation (“NERC”), make up the Electric Reliability Organization Enterprise. NPCC operates under a delegation agreement with NERC. This agreement recognizes that NPCC meets the qualifications for delegation of certain roles, responsibilities and authorities of a cross-border regional entity as defined by Section 215 of the Federal Power Act in the U.S. and through Canadian provincial regulatory and/or governmental Memoranda of Understanding (“MOUs”) or Agreements.
As a part of the ERO Enterprise, NPCC is committed to the collective vision of a highly reliable and secure North American bulk power system and shares the joint mission of assuring the effective and efficient reduction of risks to the reliability and security of the grid.
NPCC carries out this mission through (i) the development of regional reliability standards and compliance assessment and enforcement of continent-wide and regional reliability standards, coordination of system planning, design and operations, and assessment of reliability, (collectively, “regional entity activities”), and (ii) the establishment of regionally-specific criteria, and monitoring and enforcement of compliance with such criteria (collectively, “criteria services activities”). NPCC provides the functions and services for Northeastern North America of a cross-border Regional Entity through its regional entity division, as well as regionally-specific criteria services for Northeastern North America through its criteria service’s division.
The NPCC geographic region includes the State of New York and the six New England states as well as the Canadian provinces of Ontario, Québec and the Maritime provinces of New Brunswick and Nova Scotia. Overall, NPCC covers an area of nearly 1.2 million square miles, populated by more than 55 million people. In total, from a net energy for load perspective, NPCC is approximately 44% U.S. and 56% Canadian. With regard to Canada, approximately 65% of Canadian net energy for load is within the NPCC Region.
POSITION DESCRIPTION
The Senior CIP Compliance Analyst is responsible for participating as a compliance monitoring team member in making determinations of compliance with NERC Critical Infrastructure Protection (CIP) Standards and, under certain circumstances, NERC Operations and Planning (O&P) Standards.
KEY RESPONSIBILITIES
- Evaluates Registered Entity evidence, as an Audit Team member, to determine compliance with applicable NERC CIP Reliability Standards.
- Serves as the Audit Team Lead when assigned.
- Reviews the facts and circumstances of audit findings to provide input on initial root cause and risk to the Bulk Power System.
- Assesses the maturity of Registered Entities internal controls as part of document and evidentiary reviews.
- Creates sufficient documentation to support NPCC’s compliance determinations and ensures a complete and final record exists.
- Supports the Compliance Monitoring program with the creation and maintenance of compliance monitoring documentation, records, and metrics.
- Maintains awareness of NERC Rules of Procedure, NERC Reliability Standards, NERC Reliability Standards under development, and related projects and activities.
- Leads efforts to identify cyber and physical security trends within NPCC and develop “lessons learned” or other analysis documents.
- Provides subject matter expertise to the Entity Risk Assessment and Enforcement departments on completed compliance monitoring engagements; assessment and risk of potential non-compliances; and mitigation activities.
- Provides training, education, and communications to NPCC staff, Registered Entities, and ERO Enterprise staff.
EDUCATION AND CERTIFICATION/LICENSE CREDENTIALS
- Bachelor’s degree in Information Systems, Computer Science, Electrical Engineering or industry-related field of study with 5 or more years related industry experience; or equivalent combination of education and related industry experience showing the ability to perform major duties.
- 5 - 10 years of experience in the electric utility industry or related technical industry in at least one of the following discipline areas:
- Desktop and systems design
- Information security concepts and practices
- EMS and SCADA systems
- Networking
- Systems architecture
- Windows and Linux operating systems
- NERC CIP standards and related internal controls
- NERC/NPCC Compliance Monitoring and Enforcement Programs
A Plus:
- Master’s degree in Information Systems, Computer Science, Electrical Engineering, or industry-related field of study
- Proficiency in NP-View network analysis tool
- Working knowledge of firewall and switch configuration files for various manufacturers
- Work experience with Tripwire and other system baselining tools
- Knowledge of common industry and IT application network ports and ranges
- Proficiency in netstat command and its output
- Related auditor or professional certifications or licenses (e.g., CIA, CISSP, CISA)
FUNCTIONAL COMPETENCIES
- Effective knowledge of related NERC Rules of Procedure, NERC Reliability Standards, NPCC Reliability Criteria, Directories and Procedures.
- Able to develop and deliver professional presentations.
- Able to effectively engage and participate in discussions with stakeholders.
- Ability to work on many projects simultaneously with only periodic guidance.
- Ability to complete tasks in a timely and efficient manner.
- Excellent verbal and written communication skills, including presentation skills.
- Excellent interpersonal and conflict resolution skills.
- Excellent organizational skills and attention to detail, including project management skills.
- Strong analytical and problem-solving skills.
- Strong proficiency in Microsoft Excel.
- Strong supervisory and leadership skills.
- Strong teamwork skills.
PHYSICAL REQUIREMENTS
- Prolonged periods of working on a computer.
- Travel to main office and in-person meetings, as required (barring no restrictions based on travel or health advisories, or occupancy restrictions).
- Ability to work and travel within the U.S. and travel to Canada.
EEOC DISCLAIMER
NPCC is proud to be an Equal Opportunity Employer committed to diversity and inclusion in the workplace. Employment, including the decision to hire, promote, discipline or discharge, will be solely based on competence, performance, and business needs. We prohibit discrimination on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, sex, age, national origin, religion, sexual orientation, gender, gender identity, gender expression, genetic information, marital status, citizenship, domestic violence victim status, or any other status protected under federal, state or local law.
Job Type: Full-time
Pay: $140,000.00 - $150,000.00 per year
People with a criminal record are encouraged to apply
Work Location: Remote
