Seminole Electric
NERC CIP or SENIOR NERC CIP COMPLIANCE SPECIALIST
Seminole Electric, Tampa, Florida, us, 33646
***The successful applicant will join a small team of regulatory compliance (RGC) professionals responsible for the development, implementation, monitoring, and management of Seminole's North American Electric Reliability Corporation (NERC) compliance program. Seminole's RGC-NERC teams (both O&P and CIP) directly report to a NERC Compliance Manager and indirectly report to the Director of Regulatory Compliance and/or our General Counsel. As detailed below, the open position is seeking CIP Standards experience and/or expertise.***
***THIS POSITION MAY BE FILLED AT EITHER A SPECIALIST OR SENIOR SPECIALIST LEVEL DEPENDING ON THE QUALIFICATIONS AND EXPERIENCE OF THE CANDIDATE.***
Position Summary Description
The position is responsible for the development, implementation, monitoring, and management of Seminole's North American Electric Reliability Corporation (NERC) compliance program. This role executes specific tasks, prepares or reviews evidence showing compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards, coordinates compliance activities, and provides guidance to Subject Matter Experts (SMEs). Implements systematic continuous improvements of compliance policies, procedures, training materials, and asset lists. Maintains knowledge of current and future regulatory requirements and assesses their impact on Seminole.
Essential FunctionsGuides SMEs in the development and implementation of compliance processes and procedures.Develops internal processes and controls to achieve and sustain compliance with all applicable NERC Reliability Standards, FERC Standards of Conduct, and market manipulation training requirements.Completes internal activities relating to initiation and implementation of program changes.Assists in the development and maintenance of relevant training materials for compliance program.Provides training and direction to personnel in order to maintain an environment of continuous improvement.Coordinates:
the non-compliance process to document non-compliance to NERC standards, coordinates the evaluation of each occurrence, and tracks the implementation of corrective actionregulatory audit preparation activities to include preparation, critique and validation of reliability standard audit worksheets (RSAW's) and periodic updatesall on and off-site activities for self-certifications, audits, and cyber vulnerability assessments through the collection of documents and evidence and interaction with regulatory personnelresponse and action items required to ensure audit and cyber vulnerability assessment findings, and non-compliance suspense dates and required regulatory submittals are metthe storage of required NERC compliance documentation and evidence to ensure the material is available and follows BES Cyber System Information requirementsballoting reviews for new and revised NERC Reliability Standards
Presents updates to leadership on the status of programs, plans, reports, and related documents.Establishes and maintains effective relationships with local industry, regional entities and internal stakeholders to allow for effective achievement of business goals and compliance with program requirements.Monitors NERC Reliability Standards as well as SERC Compliance Monitoring and Enforcement Program (CMEP), to ensure Seminole remains in compliance with regulatory requirements.Participates in the NERC Standards Development Process as necessary to ensure Seminole's interests are addressed when existing standards are revised or new standards are proposed.Reviews correspondence from NERC, SERC, and industry groups to gain understanding of compliance program and appropriate electric utility industry regulatory requirements.Performs NERC Compliance Program roles if/as designated in Seminole's Standard Ownership Matrix (SOM) including ongoing evidence retention in "audit-ready" form as applicable and directed. You should also be familiar with Seminole's Enterprise Internal Compliance Program (ENT-GCD-RGC-EP-054) to further your understanding of Seminole's compliance program and the context of your duties and responsibilities attendant to your designation in the SOM.Performs other duties as applicable to the position or as assigned.Qualifications and Education Requirements
Bachelor's degree in Computer or Information Sciences, Cyber Security, Electrical Engineering, Mechanical Engineering, Business Administration, Process Management, Auditing, or Risk Management. Alternative degrees in combination with specialized experience and/or certifications may be considered.
Desire two (2) - four (4) to six (6) years' experience in a combination of the following:
NERC CIP ComplianceInformation Technology (IT), Cyber Security or comparable experience with emphasis on technical and security domainsAuditing or Risk ManagementElectric Utilities experience subject to NERC StandardsCore Competencies: Adaptable, Collaborative, Conscientious, Critical-Thinking, Outcome-Driven and Professional
Technical Competencies/Skills:
Demonstrated experience or Sufficient Knowledge of:
NERC CIP Reliability Standardsauditing procedures and risk managementchange management, incident reporting and response planningdeveloping, implementing, and maintaining processes, procedures, and evidencebusiness continuity processes and disaster recoverybasic enterprise cyber security principlessystem operator protocolsTransmission, Generation, Distribution, or Energy Management Systems
Proficiency with Microsoft Office applicationsSoft Competencies/Skills:
Effective communication and technical writing skillsAbility to:
manage multiple priorities to meet multiple deadlinesdirect program work and lead cross-functional team efforts as necessaryinterpret data and produce informative reportsassist with related projects as needed
Be self-directed, originate new ideas, and able to present methods to others
Physical Requirements
Must be able to follow established protective measures including wearing required personal protective equipment (PPE). Must have a valid driver's license and be able to maintain an acceptable motor vehicle report. Must be able to lift 25 pounds if needed.
Working Conditions
Some travel and work outside of normal business hours. While working in certain areas of generating plants there is the potential for exposure to hazards typical of an industrial working environment.
"Disclaimer - Management may modify this job description at any time and may require the performance of additional duties, or modification of physical requirements, with or without advance notice."
***THIS POSITION MAY BE FILLED AT EITHER A SPECIALIST OR SENIOR SPECIALIST LEVEL DEPENDING ON THE QUALIFICATIONS AND EXPERIENCE OF THE CANDIDATE.***
Position Summary Description
The position is responsible for the development, implementation, monitoring, and management of Seminole's North American Electric Reliability Corporation (NERC) compliance program. This role executes specific tasks, prepares or reviews evidence showing compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards, coordinates compliance activities, and provides guidance to Subject Matter Experts (SMEs). Implements systematic continuous improvements of compliance policies, procedures, training materials, and asset lists. Maintains knowledge of current and future regulatory requirements and assesses their impact on Seminole.
Essential FunctionsGuides SMEs in the development and implementation of compliance processes and procedures.Develops internal processes and controls to achieve and sustain compliance with all applicable NERC Reliability Standards, FERC Standards of Conduct, and market manipulation training requirements.Completes internal activities relating to initiation and implementation of program changes.Assists in the development and maintenance of relevant training materials for compliance program.Provides training and direction to personnel in order to maintain an environment of continuous improvement.Coordinates:
the non-compliance process to document non-compliance to NERC standards, coordinates the evaluation of each occurrence, and tracks the implementation of corrective actionregulatory audit preparation activities to include preparation, critique and validation of reliability standard audit worksheets (RSAW's) and periodic updatesall on and off-site activities for self-certifications, audits, and cyber vulnerability assessments through the collection of documents and evidence and interaction with regulatory personnelresponse and action items required to ensure audit and cyber vulnerability assessment findings, and non-compliance suspense dates and required regulatory submittals are metthe storage of required NERC compliance documentation and evidence to ensure the material is available and follows BES Cyber System Information requirementsballoting reviews for new and revised NERC Reliability Standards
Presents updates to leadership on the status of programs, plans, reports, and related documents.Establishes and maintains effective relationships with local industry, regional entities and internal stakeholders to allow for effective achievement of business goals and compliance with program requirements.Monitors NERC Reliability Standards as well as SERC Compliance Monitoring and Enforcement Program (CMEP), to ensure Seminole remains in compliance with regulatory requirements.Participates in the NERC Standards Development Process as necessary to ensure Seminole's interests are addressed when existing standards are revised or new standards are proposed.Reviews correspondence from NERC, SERC, and industry groups to gain understanding of compliance program and appropriate electric utility industry regulatory requirements.Performs NERC Compliance Program roles if/as designated in Seminole's Standard Ownership Matrix (SOM) including ongoing evidence retention in "audit-ready" form as applicable and directed. You should also be familiar with Seminole's Enterprise Internal Compliance Program (ENT-GCD-RGC-EP-054) to further your understanding of Seminole's compliance program and the context of your duties and responsibilities attendant to your designation in the SOM.Performs other duties as applicable to the position or as assigned.Qualifications and Education Requirements
Bachelor's degree in Computer or Information Sciences, Cyber Security, Electrical Engineering, Mechanical Engineering, Business Administration, Process Management, Auditing, or Risk Management. Alternative degrees in combination with specialized experience and/or certifications may be considered.
Desire two (2) - four (4) to six (6) years' experience in a combination of the following:
NERC CIP ComplianceInformation Technology (IT), Cyber Security or comparable experience with emphasis on technical and security domainsAuditing or Risk ManagementElectric Utilities experience subject to NERC StandardsCore Competencies: Adaptable, Collaborative, Conscientious, Critical-Thinking, Outcome-Driven and Professional
Technical Competencies/Skills:
Demonstrated experience or Sufficient Knowledge of:
NERC CIP Reliability Standardsauditing procedures and risk managementchange management, incident reporting and response planningdeveloping, implementing, and maintaining processes, procedures, and evidencebusiness continuity processes and disaster recoverybasic enterprise cyber security principlessystem operator protocolsTransmission, Generation, Distribution, or Energy Management Systems
Proficiency with Microsoft Office applicationsSoft Competencies/Skills:
Effective communication and technical writing skillsAbility to:
manage multiple priorities to meet multiple deadlinesdirect program work and lead cross-functional team efforts as necessaryinterpret data and produce informative reportsassist with related projects as needed
Be self-directed, originate new ideas, and able to present methods to others
Physical Requirements
Must be able to follow established protective measures including wearing required personal protective equipment (PPE). Must have a valid driver's license and be able to maintain an acceptable motor vehicle report. Must be able to lift 25 pounds if needed.
Working Conditions
Some travel and work outside of normal business hours. While working in certain areas of generating plants there is the potential for exposure to hazards typical of an industrial working environment.
"Disclaimer - Management may modify this job description at any time and may require the performance of additional duties, or modification of physical requirements, with or without advance notice."