JobTarget Logo

CIP Enforcement Manager in New York, New York at NORTHEAST POWER COORDINATING

NewSalary: $160000 - $175000Job Function: Executive/Management
NORTHEAST POWER COORDINATING
New York, New York, 10018, United States
Posted on
New job! Apply early to increase your chances of getting hired.

Explore Related Opportunities

Job Description

Position Summary

Under the Director of Enforcement, the primary responsibility of the Critical Infrastructure Protection (CIP) Enforcement Manager is to process and resolve noncompliance with NERC Reliability Standards. This includes ensuring consistent application of the standards, confirming that risk assessments are technically sound, verifying that corrective actions are developed, approved, and completed, and determining appropriate enforcement dispositions.

Enforcement Responsibilities

  • Evaluate applicability of NERC CIP Standard noncompliance by leveraging NERC Standards language and measures, Implementation Plans, ERO-developed practice guides, and industry-created implementation guidance.
  • Assess noncompliance for completeness of disclosure including but not limited to scope, duration, discovery, and accuracy of root cause.
  • Evaluate risk to the Bulk Power System of CIP Standard noncompliance to ensure risk assessments are technically sound and defensible.
  • Review and/or work with entities in developing mitigating actions to remediate and prevent recurrence.
  • Evaluate the quality and completeness of evidence submitted by registered entities in support of mitigation completion.
  • Assess an entity’s compliance history to determine repetitive conduct and/or programmatic failures.
  • Conduct peer reviews of dispositions drafted by other staff.
  • Triage incoming noncompliance to identify violation facts, preliminary risk assessment, and complexity of the noncompliance.
  • Communicate with registered entities and the ERO Enterprise as necessary, to investigate CIP noncompliance and issues, and to assure appropriate and informed enforcement actions.
  • Provide formal written assessments that serve as the technical basis for enforcement disposition recommendations.
  • Manage the CIP Enforcement Team, including oversight of enforcement-related activities and supervision of day-to-day team responsibilities.
  • Identify trends that may indicate systemic compliance risks across the NPCC region
  • Recommend conclusions for each noncompliance considering factors such as scope, duration, risk, mitigating factors, and compliance history.
  • Distinguish between isolated occurrences and systemic compliance program weaknesses.
  • Collaborate with CIP monitoring teams to ensure that noncompliance outcomes inform future audit scoping, sampling, and Inherent Risk Assessments.
  • Monitor emerging risks found in FERC Orders, Standards development, reliability guidance, and industry developments for implications to the enforcement risk posture.
  • Assist, from a technical perspective, in the negotiation of settlements.
  • Provide evidence, testimony, and documentation in support of Hearing Proceedings, as needed.
  • Provides training, education, and communications to NPCC staff, Registered Entities, and ERO Enterprise staff.
  • Ensure information and data placed into various portals, software, and databases are accurate and complete.
  • Participate in NPCC and ERO Enterprise meetings, workshops, task forces, committees, and forums.
  • Work closely with the Director, Enforcement, legal, and other NPCC staff to develop and/or review responses to oversight.
  • Provide CIP technical expertise to NPCC staff.
  • Develop and/or amend policies and procedures.

Education and Certification

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Engineering or other relevant Bachelor’s degree.
  • 7 or more years’ experience associated with computer systems used in the electric utility industry; or 7 or more years of experience in securing computer systems, including both physical and electronic security; or 7 or more years of experience working within an electric utility Control Center or Regulatory IT role.
  • One or more of the following certifications/licenses are strongly preferred:
    • (ISC)2 Certified Information Systems Security Professional (CISSP)
    • GIAC/SANS Global Industrial Cyber Security Professional (GICSP)
    • ISACA Certified Information Systems Auditor (CISA)
    • ISACA Certified in Risk and Information Systems Control (CRISC)
  • One or more of the following certifications/licenses are preferred:
    • ISACA Certified Information Security Manager (CISM)
    • GIAC/SANS GIAC Critical Infrastructure Protection (GCIP) o CompTIA Security+

Skills and Abilities

  • Ability to effectively communicate technical concepts to non-experts verbally and in writing.
  • Excellent organizational skills and ability to prioritize and to manage multiple assignments concurrently.
  • Strong questioning attitude and attention to detail.
  • Strong analytical and problem-solving skills.
  • Strong interpersonal and conflict resolution skills.
  • Ability to mentor others.
  • Ability to learn and work in a variety of portals, software, and databases.
  • Proficient with Microsoft Office Suite or related software.

Job Location

New York, New York, 10018, United States

Frequently asked questions about this position

Similar Jobs In New York, New York

Urgently Hiring

Manager, NY Management Center

AMERICAN MANAGEMENT ASSOC.
New York, New York
NewHot Job

Technician, Field Svc I- Brooklyn/Queens

Canon U.S.A., Inc.
Melville, New York
New

Service Manager

Haddad Plumbing & Heating
Newark, New Jersey
New

Administrative Assistant

Mountainside Treatment Center
New York, New York
New

Full-Time Surge Team Representative (Little Falls, NJ)

C.A. Ferolie
Little Falls, New Jersey

Apply NowYour application goes straight to the hiring team