***THIS IS A DIRECT-HIRE POSITION THAT DOES NOT OFFER VISA SPONSORSHIP. PLEASE DO NOT CONTACT ME FOR C2C. CANDIDATES MUST RESIDE WITHIN A COMMUTABLE DISTANCE FROM DOWNTOWN DENVER - DO NOT APPLY IF YOU REQUIRE RELOCATION.***
Requirements
- 6-8 years of professional experience with NERC-CIP standards
- Experience gained through college degree programs and/or certification in business, technology, or related field
- Experience in network traffic security monitoring, analysis, and response
- Exceptional reading comprehension and written communication skills
- Strong problem-solving skills and attention to detail
- Strong understanding of SCADA systems, PLCs, and other industrial control systems
Preferred
- Experience with ERCOT Protocols, ISO 27001, NIST 800-53, SOX, PCI, NACHA , NRC.
- Experience facilitating agreement across a wide range of disparate stakeholders
- Experience with ICS devices, Generation or Transmission assets
- Project management skills and experience
- Experience with Cloud security and compliance best practices
- Professional certification a plus (e.g., Network+, Certification, CISA, CISSP)
Key Responsibilities
- Reviews and audits internal compliance documentation including NERC-CIP compliant network diagrams, BES cyber asset inventories, firewall rules, transient cyber asset security documentation, and governance policies
- Investigates, documents, and addresses variances in network configurations and policies within the scope of compliance and IT/OT security
- Monitors future updates to NERC-CIP and other compliance standards and plans IT/OT configuration changes and policies accordingly
- Coordinates the creation and upkeep of NERC-CIP compliant diagrams, OT device inventories, and critical BES Cyber Asset inventories
- Oversees projects to update company network configurations and policies in response to changing NERC-CIP requirements
- Supports efforts to prepare and submit evidence for internal and external compliance reviews
- Coordinates IT response to NERC-CIP compliance reviews for all NERC registered sites annually
- Supports technology key controls, tools and compliance with regulatory requirements
- Supports the company’s business continuity strategy within the scope of IT/OT security procedures and policies
- Coordinates IT department IT/OT security activities with responsible parties, including plant management and Operations team
***THIS IS A DIRECT-HIRE POSITION THAT DOES NOT OFFER VISA SPONSORSHIP. PLEASE DO NOT CONTACT ME FOR C2C. CANDIDATES MUST RESIDE WITHIN A COMMUTABLE DISTANCE FROM DOWNTOWN DENVER - DO NOT APPLY IF YOU REQUIRE RELOCATION.***
