Assures compliance with NERC (North American Electric Reliability Council) RRO (Regional Reliability Organization – ReliabilityFirst) reliability standards subject to civil penalty under FERC (Federal Energy Regulatory Commission) jurisdiction.
DUTIES AND RESPONSIBILITIES
Assures Critical Infrastructure Protection (CIP) processes, programs, criteria, and procedures are followed and documented accurately and on time in regard to strict compliance with NERC and RRO reliability standards and requirements.
Coordinates, monitors and documents compliance activities with Hoosier personnel charged with complying with CIP reliability standards. This includes Hoosier staff from Safety and Training Services, System Control Services, Power Production, and Information Systems.
Performs or assists Hoosier staff and contractors with compliance tasks. Includes assessing Access Control & Information Protection Program; performing reviews of policies, programs and procedure; ensuring malicious software components are in place and sufficient; performing risk based asset determination of critical cyber assets; reviewing and confirming that cyber policies and procedures are sufficient and complete; receiving and confirming testing of backup media and recovery plans.
Pursues continual improvement processes, programs, and procedures by evaluating automation tools and process improvement, collaborating with other entities, and working closely with Safety and Training Services, Information Systems and System Control Services which includes evaluating cost benefit of automation.
Conducts internal audits and gap analysis where appropriate. Comments on appropriate NERC and regional reliability standards under development. Participates in committee meetings, seminars and workshops as needed.
Adheres to Hoosier Energy’s Internal Compliance Program (ICP), Administrative Bulletins and Corporate policies. This includes adhering to Hoosier’s CIP Information Protection Program.
Other duties as assigned in order to meet time sensitive deadlines or compliance goals.
Bachelor’s degree in Information Systems or equivalent
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Microsoft Certified Systems Engineer (MCSE)
5 years’ in an organization subject to federally mandated standards and external assurance requirements
Must have experience in the electric utility/power industry
Prior experience with FERC regulations, NERC compliance management and market requirements preferred
Skills and Abilities:
Ability to exercise flexibility to work effectively in a changing environment
Strong problem solving and decision making skills to identify, anticipate and resolve problems at hand
Ability to manage multiple projects with varying scopes and timelines
Ability to communicate with individuals at all levels and work as part of a team
Strong written and oral communication skills
Strong organizational skills and attention to detail
Intermediate computer skills including Microsoft Office Suite
Ability to design and initiate risk-based, complex IT system compliance assessments
Hoosier Energy is an Equal Opportunity Employer M/F/Disability/Veteran