Skip Ribbon Commands
Skip to main content
SharePoint

Position Title

CIP Compliance Engineer

Reports To

VP of Compliance

Location

St Paul, MN

Posted Date

11/15/2017

Position Summary

The CIP Compliance Engineer will function as a compliance staff expert in the Critical Infrastructure Protection area who will participate in the implementation of the annual NERC/MRO Compliance Monitoring and Enforcement Program (CMEP), by maintaining a current understanding of NERC/MRO regulatory compliance trends; and evaluating the Registered Entities' adherence to the NERC CIP Reliability Standards. This position is also responsible for identifying improvements to Compliance processes and procedures and for developing enhancements as assigned by the management team.

Primary Responsibilities

Perform duties as assigned by the VP of Compliance.

1. Implementing Annual Implementation Plan

a. Lead or participate in compliance monitoring activities as assigned in accordance with the Rules of Procedure in a professional manner

i. Assist in the review of notices to registered entities, work papers, reports, and other relevant documentation for accuracy and completeness.

ii. IRA documentation, past audit reports, and other relevant documentation to develop knowledge of the registered entity subject to compliance monitoring.

iii. Conduct random sampling of the elements associated with requirements being assessed in accordance with the NERC Sampling Methodology Guidelines and Criteria

b. Utilize professional judgment in the determination of findings, ensuring evidence provided is reliable, relevant, and sufficient, and documenting the elements of findings per the requirements of GAO Government Auditing Standards (GAGAS)

c. Assist in the development and maintenance of Compliance Oversight Plans (COPs) for registered entities.

d. Participate in the conduct of other work related to compliance monitoring, such as Self- Certifications, Spot Checks, periodic data submittals, and processing of Technical Feasibility Exceptions (TFEs), as assigned

e. Participate in Compliance Audits, Spot Checks, Self-Certification reviews, TFE reviews, and any other Compliance activities assigned in order to develop skills necessary to advance to Senior CIP Compliance Engineer

2. Documentation Of Work

a. Document all relevant audit results in depth using applicable MRO audit tools and processes.

b. Produce work products that meet professional standards for quality, accuracy, and completeness

3. Maintain Technical Aptitude

a. Attend training to maintain current certifications and additional certifications as prescribed by MRO Management.

b. Attend ERO-sponsored training related to the implementation of the Compliance Monitoring and Enforcement Program

c. Participate in activities designed to maintain and enhance technical aptitude in the application of Reliability Standards

d. Attend additional training outside of subject matter expertise to enhance knowledge of the application of additional standard

4. Participate in other assigned activities to benefit the MRO organization

Qualifications

Qualified candidates must possess the following:

 

Education:

Bachelor’s degree in Electrical Engineering, Computer Science, or equivalent combination of education and related industry experience resulting in demonstrated ability to perform the major duties.

 

Certification:

One or more of the following certifications are desirable:

  • Licensed Professional Engineer (PE)

  • Certified Information System Auditor (CISA)

  • Certified Information System Security Professional (CISSP)

  • Certified Protection Professional (CPP)

  • Physical Security Professional (PSP)

Experience:

Minimum requirement: Eight or more years of experience in electric power industry. Employment in a technical position having direct experience with power systems operations, substation environments, communication systems, and SCADA systems. Desired experience includes:

  • EMS design, administration, and configuration.

  • DCS (Distributed Control System) design, administration, and configuration in a power system generation environment.

  • Real-time power system operations.

  • Configuration of Intelligent Electronic Devices (IEDs) such as protective relays, Remote Terminal Units (RTUs), and Programmable Logic Controllers (PLCs) in a substation environment.

  • Experience with general network security (ex. firewalls, communications).

  • Experience with physical security, including physical access control systems.

  • Experience with application of the NERC CIP Reliability Standards.

  • Ability to understand and apply risk management concepts.

Knowledge and Abilities/Skills:

  1. Technical knowledge of factors involved in protection and control of the BPS, and the networks that support those systems.

  2. Working knowledge of power system operation and security principles.

  3. Demonstrate knowledge of the electric industry, electric power generation, transmission, and power system reliability.

  4. General knowledge of Microsoft and UNIX systems, as well as distributed network architectures.

  5. Knowledge of communications technologies, including internet, private networks, and others used in the utility or related industry.

  6. Must develop an understanding of the NERC Rules of Procedure, NERC Compliance Monitoring and Enforcement Program, and NERC Reliability Standards.

  7. Must be able to work accurately on multiple tasks while maintaining deadlines.

  8. Ability to manage, coordinate and work in a team environment with subordinate staff while being capable of working individually on projects as assigned

  9. Ability to manage projects with attention to detail for timely and accurate completion

  10. Excellent communication skills including written and verbal in group settings.

  11. Technical knowledge and proficiency in Microsoft Office including, Word, Excel, PowerPoint, Outlook.

  12. Ability to deal with ambiguity and deliver consistent results with limited direction.

  13. Familiarity with statistics and data analysis.

  14. Must have the ability to complete NERC and MRO audit training

Downloadable Job Posting

CIP Compliance Engineer