Job description
Purpose
The NERC (North American Electric Reliability Council) CIP (Critical Infrastructure Protection) Compliance Analyst manages various Remote Ops Compliance programs and projects. They will ensure that all requirements of Governing agencies and regulations, such as NERC, Federal Energy Regulatory Commission (FERC), Sarbanes-Oxley, etc., and other Local and Global Control requirements are communicated and adhered. Maintain a strong working relationship with internal and external constituents of such regulating bodies. Provides point of contact and lead for security related incidents and activities for area. Work with subject matter experts from across the companies to provide compliance guidance, expertise, and support for program development, and performance tracking and reporting. This position is on Hybrid schedule, located in Vancouver, WA.
Responsibilities
- Develop, implement, and report on the NERC CIP compliance program and internal control framework and metrics.
- Support other compliance/regulatory activities e.g. SOX, Internal Audits.
- Maintain control matrices for NERC CIP. This includes documenting new and/or modifications to existing key controls.
- Ensure all documentation related to NERC CIP is kept up to date to reflect current business processes/procedures.
- Assist in facilitation of testing by both internal and external constitutes.
- Actively participate/conduct management testing of key controls, and evaluate compliance to all regulations.
- Identify and communicate any control gaps and work with SME’s to facilitate remediation.
- Coordinate and work with all external vendors (Auditors) and internal organizations related to compliance and regulatory auditing for AVANGRID Renewables.
- Develop, maintain, and collect audit-related documentation; and coordinate audit responses with all internal and external vendors (Auditors) related to compliance and regulatory auditing.
- Assist in monitoring security events, including the analysis of logs, to perform associated analysis, anomaly identification, escalation, remediation, and incident response.
- Reports and advises on proposed changes in regulations.
Note: The above Key Responsibilities/Duties are not intended to be all inclusive. Employees in this position may be required to perform other related aspects of the job not listed above or listed under Purpose/Major Objectives as assigned by the supervisor.
Competencies
- Be a role model
- Be agile
- Collaborate and Share
- Develop Self & Others
- Empower to grow
- Focus to achieve results
- Technical Skills
Skills and Requirements
Education: This position requires knowledge which is normally required through the completion of a Bachelor’s Degree in a relevant field, or an equivalent combination of education and work experience.
Experience: Experience working in a regulated industry. Five or more years of related exposure and involvement in a large computerized system and client/server environment. Technical skills to perform reviews of applications, operations, security system software, and new systems. Knowledge of auditing networks and personal computer environments. Individual must be proficient in the utilization of personal computers and related software applications. Knowledge of regulatory bodies and legal requirements to which Avangrid Renewables must comply.
Skills/Abilities:
- Able to build strong relationships with key customers of IT services and work with others to design effective process/system solutions.
- Ability to plan, organize, and communicate (verbal and written) effectively.
- Project Management experience.
- Ability to understand and analyze FERC/NERC and other regulatory requirements.
- Able to work independently, and exercise excellent problem-solving, analytical, judgment, and decision-making skills.
- Ability and willingness for limited travel.
- Strong working knowledge of Microsoft Office Products.
- At least 4-6 years of IT experience with responsibilities in security, compliance, or related field.
Preference may be given to candidates with the following:
- Experience creating / following NERC-CIP compliance procedures and processes.
- Working knowledge of the regulatory environment for utility companies.
- Experience in IT Controls Frameworks and Compliance.
Our Selection Process
#LI-CH1
Mobility Information
Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country
Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within AVANGRD Network and Corporate functions. This does not include those that will work for Avangrid Renewables
blackflymedia.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, blackflymedia.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, blackflymedia.com is the ideal place to find your next job.