OUC - The Reliable One , is presently seeking a Senior CIP Analyst to join the Legislative, Reg & Compliance division. At OUC, we don’t just work – we’re building a bright future of innovation and transformation for future generations.
We are seeking a detail-oriented, compliance-driven professional with a strong background in cyber security to ensure our ongoing adherence to NERC Critical Infrastructure Protection (CIP) standards. This role is pivotal to OUC’s mission of maintaining a robust security posture for our critical infrastructure. You will be responsible for supporting a variety of cyber security compliance initiatives, including managing OUC’s NERC CIP program requirements, conducting compliance assessments, and collaborating with internal teams to maintain OUC's standards of due care and due diligence. We are looking for an adaptable self-starter who excels at interpreting standards and thrives in a collaborative, high-stakes environment.
The ideal candidate will have:
- Bachelor’s degree in Computer Science, Technology, Engineering, or related field from an accredited college or university
- 5+ years of experience in Cyber Security, NERC CIP Compliance, IT consulting, or Network Engineering
- Expertise in NERC CIP standards, Ethernet network troubleshooting, cybersecurity program management, and familiarity with cybersecurity systems, including monitoring, incident response, and routine audits
- Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and cybersecurity tools, including Wireshark and VMware
- Strong communication and organizational skills for collaborating with business units, interpreting compliance standards, supporting SMEs, preparing documentation, and presenting findings effectively
- A proactive approach to managing multiple projects and evolving priorities independently
Salary Range: $88,750 - $110,938 annually - commensurate with experience
Job Purpose:
Responsible for supporting the effort to ensure that OUC is in compliance with all current mandatory and enforceable NERC CIP standards and properly prepared to meet all future enforceable NERC CIP standards. Performance in this role is expected to demonstrate both due care—ensuring that all required documentation, processes, are in place and if executed as designed would result in a fully compliant position—and due diligence—ensuring that all programs are executed as designed and produce sufficient evidence that Compliance can be clearly demonstrated.
Primary Functions:
- Interpret the requirements of NERC CIP standards;
- Assess NERC compliance application notices, interpretation requests, and ballots relating to Critical Infrastructure Protection (CIP);
- Function as Program Manager for a variety of OUC cyber security related programs such as Access Control, Electronic Security Perimeters, etc.;
- Partner with internal customers that implement the cyber security controls on detailed design, implementation schedule, and quality assessment and user acceptance testing;
- Create and maintain reports as needed and perform log reviews of OUC Security Information and Event Management (SIEM) devices supporting OUC Bulk Electric System (BES) Cyber Systems;
- Perform routine audits of CIP cyber security controls related to the network and access point infrastructure to ensure design functionality and effectiveness;
- Perform routine audits of CIP Windows based asset classes devices to ensure design functionality and effectiveness;
- Conduct reviews of compliance programs and documentation specifically related to NERC CIP standards to ensure that they are complete and accurate. If gaps are identified, conduct an evaluation and/or root cause analysis to identify recommended improvements and mitigating actions;
- Perform duties as required as a member of the OUC Cyber Security Monitoring Center such as responding to Cyber Security automated system alerts;
- Perform as cyber Subject Matter Expert (SME) on the OUC Cyber Incident Response Team (CIRT);
- Perform a review and make specific recommendations on all Electricity Sector Information Sharing and Analysis Center security notifications;
- Perform investigations, documentation and submittal of potential violations to regulatory organizations and ensure they are tracked for timely resolution and fully documented in auditable records;
- Represent OUC on SERC Reliability Corporation (SERC) committees, working groups, and FRCC CIPS;
- Perform other duties as assigned.
Technical Requirements:
- Working knowledge of, but not limited to, the following:
- Layer 2, layer 3 and hybrid Ethernet network drawings;
- Microsoft Visio network drawings, rack layouts, Access List spreadsheets;
- Ethernet Network Troubleshooting;
- Packet tracing;
- NERC Critical Infrastructure Protection standards;
- Software Applications (i.e. Microsoft Visio, VMware, Kaseya, Ovation, Wireshark);
- Familiarity with all, but not limited to, the following:
- Equipment (i.e. Wireshark [Ethernet network Sniffing], IP telephony);
- Cisco firewalls and switches command line expertise;
- Related industry, organizational and departmental policies, practices and procedures; legal guidelines, ordinances and laws;
- Demonstrated effective business communication and consultation skills to communicate effectively across a diverse group both internally and externally.
- Ability to work independently and initiate appropriate courses of action on assignments.
- Ability to manage multiple tasks and multiple projects and adapt with shifting priorities.
- Ability to examine and evaluate data and present alternative actions in relation to the evaluation.
- Ability to make arithmetic computations using whole numbers, fractions and decimals, and compute rates, ratios, and percentages;
- Ability to use Microsoft Office Suite (Word, Excel, Outlook, etc.) and standard office equipment (telephone, computer, copier, etc.).
Working Conditions:
This job is typically performed in an office work environment. May require occasional travel between OUC facilities.
Physical Requirements:
This job requires standing, walking, sitting, repetitive motions, climbing (ladders, stairs, hills, etc.), bending/stooping, reaching over head, kneeling and/or crawling, and lifting up to twenty (20) pounds. This job requires speaking and hearing, typing, reading, writing, and detailed inspection.
OUC–The Reliable One is an Equal Opportunity Employer who is committed through responsible management policies to recruit, hire, promote, train, transfer, compensate, and administer all other personnel actions without regard to race, color, ethnicity, national origin, age, religion, disability, marital status, gender, sexual orientation, gender identity or expression, genetic information and any other factor prohibited under applicable federal, state, and local civil rights laws, rules, and regulations.
#J-18808-Ljbffr