Are you a cybersecurity professional, with policy and technical expertise in the emerging areas of cloud computing and virtualization? Do you have the passion and desire to support Critical Infrastructure? Do you want to help assure the reliability and security of the bulk power system, upon which 400 million North Americans depend? The CIP Assurance Advisor is responsible for providing oversight, guidance, and coordination in support of the Electric Reliability Organization (ERO) Enterprise’s regulatory functions. This includes oversight of the ERO Enterprise’s implementation of its risk-based Compliance Monitoring and Enforcement Program (CMEP), outreach with industry participants, and collaboration with Regional Entity staff. The CIP Assurance Advisor provides guidance on technical issues, delivers training related to CIP Reliability Standards and risk-based compliance monitoring, and supports the implementation of compliance guidance. This position reports to the Senior Manager, Cyber, and Physical Security Assurance.
· Provide ERO Enterprise cyber security subject-matter expertise for external-facing initiatives and to other NERC departments.
· Lead North America-wide cybersecurity outreach and training initiatives in support of NERC’s mission, and provide project management expertise for CIP-related security projects.
· Collaborate and coordinate with ERO Enterprise staff regarding cybersecurity initiatives and CIP Reliability Standards.
· Proactively identify cybersecurity risks to the bulk power system and provide risk mitigation support.
· Lead and/or participate in the development and execution of risk-based compliance monitoring programs/processes/activities as well as with NERC committees, subcommittees, working groups, and industry stakeholder groups as necessary.
· Assist in developing and executing oversight programs/processes/activities to evaluate regional entity adherence to the NERC Rules of Procedure, CMEP, and delegation agreements.
· Proactively identify security and reliability gaps in the NERC Reliability Standards.
· Assist in the ongoing development and improvement of NERC CMEP policies, procedures, rules, and other activities.
· Assist in the development of Reliability Standard Audit Worksheets and CIP Evidence Request Tool for new and revised NERC Reliability Standards.
· Ensure that Compliance Assurance activities are conducted in adherence with NERC Rules of Procedure.
· Assist NERC Enforcement in the evaluation of self-reports, audit findings, and registered entity Mitigation Plans.
· Other duties as assigned.