We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Senior CIP Analyst - NERC

Orlando Utilities Commission
life insurance, parental leave, sick time, tuition reimbursement
United States, Florida, Orlando
Nov 14, 2024

OUC - The Reliable One, is presently seeking a Senior CIP Analyst - NERC to join the Legislative, Reg & Compliance division. At OUC, we don't just work - we're building a bright future of innovation and transformation for future generations.

We are seeking a detail-oriented, compliance-driven professional with a strong background in cyber security to ensure our ongoing adherence to NERC Critical Infrastructure Protection (CIP) standards. This role is pivotal to OUC's mission of maintaining a robust security posture for our critical infrastructure. You will be responsible for supporting a variety of cyber security compliance initiatives, including managing OUC's NERC CIP program requirements, conducting compliance assessments, and collaborating with internal teams to maintain OUC's standards of due care and due diligence. We are looking for an adaptable self-starter who excels at interpreting standards and thrives in a collaborative, high-stakes environment.

OUC is an industry leader and the second largest municipal utility in Florida committed to innovation, sustainability, and our community, OUC's mission is to provide exceptional value to our customers and community by delivering sustainable and reliable services and solutions.

Join a team of visionary Change Agents, Strategists, and Community Ambassadors who understand the vital role of diverse experiences in powering creativity and industry transformation. At OUC, each position contributes to the success and achievement of our goals. Click here to learn more about what we do.

The ideal candidate will have:

  • Bachelor's degree in Computer Science, Technology, Engineering, or related field from an accredited college or university
  • 5+ years of experience in Cyber Security, NERC CIP Compliance, IT consulting, or Network Engineering
  • Expertise in NERC CIP standards, Ethernet network troubleshooting, cybersecurity program management, and familiarity with cybersecurity systems, including monitoring, incident response, and routine audits
  • Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and cybersecurity tools, including Wireshark and VMware
  • Strong communication and organizational skills for collaborating with business units, interpreting compliance standards, supporting SMEs, preparing documentation, and presenting findings effectively
  • A proactive approach to managing multiple projects and evolving priorities independently

OUC offers a very competitive compensation and benefits package. Our Total Rewards package includes, to cite a few:

  • Competitive compensation
  • Low-cost medical, dental, and vision benefits and paid life insurance premiums with no probationary period.
  • OUC's Hybrid Retirement Program includes a fully-funded cash balance account, defined contribution with employer matching along with a health reimbursement account
  • Generous paid vacation, holidays, and sick time
  • Paid parental leave
  • Educational Assistance Program, to include tuition reimbursement, paid memberships in professional associations, paid conference and training opportunities
  • Wellness incentives and free access to all on-site OUC fitness facilities
  • Access to family-oriented recreational areas
  • Paid Conference and Training Opportunities
  • Free downtown parking
  • Hybrid work schedule

Click here to view our Benefits Summary.

Salary Range: $88,750 - $110,938 annually - commensurate with experience

Location: 6003 Pershing Ave. Orlando, FL 32822

Please see below a complete Job description for this position.

Job Purpose:

Responsible for supporting the effort to ensure that OUC is in compliance with all current mandatory and enforceable NERC CIP standards and properly prepared to meet all future enforceable NERC CIP standards. Performance in this role is expected to demonstrate both due care-ensuring that all required documentation, processes, are in place and if executed as designed would result in a fully compliant position-and due diligence-ensuring that all programs are executed as designed and produce sufficient evidence that Compliance can be clearly demonstrated.

Primary Functions:

  • Interpret the requirements of NERC CIP standards;
  • Assess NERC compliance application notices, interpretation requests, and ballots relating to Critical Infrastructure Protection (CIP);
  • Function as Program Manager for a variety of OUC cyber security related programs such as Access Control, Electronic Security Perimeters, etc.;
  • Partner with internal customers that implement the cyber security controls on detailed design, implementation schedule, and quality assessment and user acceptance testing;
  • Create and maintain reports as needed and perform log reviews of OUC Security Information and Event Management (SIEM) devices supporting OUC Bulk Electric System (BES) Cyber Systems;
  • Perform routine audits of CIP cyber security controls related to the network and access point infrastructure to ensure design functionality and effectiveness;
  • Perform routine audits of CIP Windows based asset classes devices to ensure design functionality and effectiveness;
  • Conduct reviews of compliance programs and documentation specifically related to NERC CIP standards to ensure that they are complete and accurate. If gaps are identified, conduct an evaluation and/or root cause analysis to identify recommended improvements and mitigating actions;
  • Perform duties as required as a member of the OUC Cyber Security Monitoring Center such as responding to Cyber Security automated system alerts;
  • Perform as cyber Subject Matter Expert (SME) on the OUC Cyber Incident Response Team (CIRT);
  • Perform a review and make specific recommendations on all Electricity Sector Information Sharing and Analysis Center security notifications;
  • Perform investigations, documentation and submittal of potential violations to regulatory organizations and ensure they are tracked for timely resolution and fully documented in auditable records.
  • Represent OUC on SERC Reliability Corporation (SERC) committees, working groups, and FRCC CIPS;
  • Perform other duties as assigned.

Technical Requirements:

  • Working knowledge of, but not limited to, the following:
  • Layer 2, layer 3 and hybrid Ethernet network drawings;
  • Microsoft Visio network drawings, rack layouts, Access List spreadsheets;
  • Ethernet Network Troubleshooting;
  • Packet tracing;
  • NERC Critical Infrastructure Protection standards;
  • Software Applications (i.e. Microsoft Visio, VMware, Kaseya, Ovation, Wireshark);
  • Familiarity with all, but not limited to, the following:
  • Equipment (i.e. Wireshark [Ethernet network Sniffing], IP telephony);
  • Cisco firewalls and switches command line expertise;
  • Related industry, organizational and departmental policies, practices and procedures; legal guidelines, ordinances and laws;
  • Demonstrated effective business communication and consultation skills to communicate effectively across a diverse group both internally and externally.
  • Ability to work independently and initiate appropriate courses of action on assignments.
  • Ability to manage multiple tasks and multiple projects and adapt with shifting priorities.
  • Ability to examine and evaluate data and present alternative actions in relation to the evaluation.
  • Ability to make arithmetic computations using whole numbers, fractions and decimals, and compute rates, ratios, and percentages;
  • Ability to use Microsoft Office Suite (Word, Excel, Outlook, etc.) and standard office equipment (telephone, computer, copier, etc.).

Education/ Certification/ Years of Experience Requirements:

  • Bachelor's Degree in Computer Science Technology, or Engineering, or related field from an accredited college or university
  • Minimum of five (5) years of experience in any of the following areas: Cyber Security, NERC CIP Compliance, IT (consultant experience preferred), or Network Engineering

Working Conditions:

This job is typically performed in an office work environment. May require occasional travel between OUC facilities.

Physical Requirements:

This job requires standing, walking, sitting, repetitive motions, climbing (ladders, stairs, hills, etc.), bending/stooping, reaching over head, kneeling and/or crawling, and lifting up to twenty (20) pounds. This job requires speaking and hearing, typing, reading, writing, and detailed inspection.

OUC-The Reliable One is an Equal Opportunity Employer who is committed through responsible management policies to recruit, hire, promote, train, transfer, compensate, and administer all other personnel actions without regard to race, color, ethnicity, national origin, age, religion, disability, marital status, gender, sexual orientation, gender identity or expression, genetic information and any other factor prohibited under applicable federal, state, and local civil rights laws, rules, and regulations.

EOE M/F/Vets/Disabled

Applied = 0

(web-5584d87848-9vqxv)