Placement papers | Freshers Walkin | Jobs daily: Cyber Security Compliance Risk Engineer at Western Electricity Coordinating Council (Salt Lake City, UT)


Search jobs and placement papers

Cyber Security Compliance Risk Engineer at Western Electricity Coordinating Council (Salt Lake City, UT)

Position Overview

The Cyber Security Engineer oversees cyber security risks related to the bulk power system in the Western Interconnection in accordance with Critical Infrastructure Protection (CIP) standards as defined by the North American Electric Reliability Corporation (NERC). The Cyber Security Engineer assesses risks posed by noncompliance to the CIP standards and develops oversight plans for registered entities. This position answers to the Director of Risk Assessment and Mitigation.


Your Role

  • Measure the cyber security and physical security risk, risk tolerance, and overall program success at improving grid reliability.
  • Assess cyber and physical security risks and controls within a registered entity used for scoping of compliance monitoring activities, as appropriate.
  • Assess the risks and controls of all noncompliance(s) and recommend enforcement actions equal to the risks posed to the bulk power system.
  • Find emerging CIP-related risks to the bulk power system through event analysis and compliance assessments.
  • Find instances of noncompliance to NERC CIP standards and requirements.
  • Do root cause analyses of noncompliance(s) with NERC CIP standards and requirements.
  • Assess how affective a registered entitys mitigation plan(s) is for noncompliance issues, the root cause(s) found, and other enforcement-related inputs.
  • Review and accept or reject a registered entitys mitigation plans based on their adequacy
  • Review and verify evidence given by registered entities to ensure the entity is compliant and that it has completed the mitigation plans.
  • Make improvements to and documentation of the risk assessment and mitigation program.
  • Take part in other assigned tasks.


About You

You are a qualified candidate if you have

  • A Bachelor of Science degree in engineering, computer science, information systems/security, computer or systems engineering, or an equivalent combination of education and industry experience.
  • A background in regulatory and/or compliance activities.
  • A background in cyber security oversight and the three lines of defense model.
  • Understanding of computer systems, servers, switches, firewalls, etc.
  • A knowledge of Microsoft and UNIX systems, as well as distributed network architecture.
  • A knowledge of communications technologies, including internet, private networks, virtual networks, and others used in the electric utility or a related industry.
  • The ability to work with data-intensive information and draw meaningful conclusions from that information.
  • Excellent organizational skills with an ability to work on multiple projects at the same time.
  • Excellent presentation, written, and verbal communication skills with strong technical writing skills.
  • Experience working with teams and technical specialists.
  • The ability to work by yourself on multiple tasks while keeping deadlines.
  • The ability to manage projects with attention to details for timely and accurate completion.


You are an EXCELLENT candidate if you

  • Have three to five years experience in bulk power system operations, planning, modeling, protection and control, cyber security, IT audit, or IT risk management.
  • Have a graduate-level degree, such as a Master of Computer Science, Master of Information Systems.
  • Have experience with NERC/FERC/NIST/GLBA/FFIEC/SOX compliance.
  • Have experience in EMS/SCADA planning, modeling, cyber security, physical security, IT audits, or IT risk management.
  • Know and understand NERC Reliability Standards.
  • Understand the operations and planning of the bulk power system and supporting technologies.
  • CRISC, CISA, CISSP, CISM, CRISC or related professional certifications.
  • Focus on results rather than simply completing tasks.
  • Ask for and accept help.
  • Learn from and take accountability for your mistakes.
  • Embrace the challenges and rewards of change.
  • Treat everyone as a colleague, regardless of position or title.
  • Have a passion for continuous learning, professional development, and personal improvement.


Salary and Benefits:

The salary will be competitive and commensurate with relevant experience as well as the responsibilities of the position. The position is eligible for relocation assistance and an excellent benefits package, including medical, dental, vision, life insurance, short-term and long-term disability, 401(k) plan, and paid personal time.


by via developer jobs - Stack Overflow
 

No comments:

Post a Comment