***The successful applicant will join a small team of regulatory compliance (RGC) professionals responsible for the development, implementation, monitoring, and management of Seminole’s North American Electric Reliability Corporation (NERC) compliance program. Seminole’s RGC-NERC teams (both O&P and CIP) directly report to a NERC Compliance Manager and indirectly report to the Director of Regulatory Compliance and/or our General Counsel. As detailed below, the open position is seeking CIP Standards experience and/or expertise.***
***THIS POSITION MAY BE FILLED AT EITHER A SPECIALIST OR SENIOR SPECIALIST LEVEL DEPENDING ON THE QUALIFICATIONS AND EXPERIENCE OF THE CANDIDATE.***
Position Summary Description
The position is responsible for the development, implementation, monitoring, and management of Seminole’s North American Electric Reliability Corporation (NERC) compliance program. This role executes specific tasks, prepares or reviews evidence showing compliance with NERC Critical Infrastructure Protection (CIP) Reliability Standards, coordinates compliance activities, and provides guidance to Subject Matter Experts (SMEs). Implements systematic continuous improvements of compliance policies, procedures, training materials, and asset lists. Maintains knowledge of current and future regulatory requirements and assesses their impact on Seminole.
Essential Functions
Guides SMEs in the development and implementation of compliance processes and procedures.
Develops internal processes and controls to achieve and sustain compliance with all applicable NERC Reliability Standards, FERC Standards of Conduct, and market manipulation training requirements.
Completes internal activities relating to initiation and implementation of program changes.
Assists in the development and maintenance of relevant training materials for compliance program.
Provides training and direction to personnel in order to maintain an environment of continuous improvement.
Coordinates:
the non-compliance process to document non-compliance to NERC standards, coordinates the evaluation of each occurrence, and tracks the implementation of corrective action
regulatory audit preparation activities to include preparation, critique and validation of reliability standard audit worksheets (RSAW's) and periodic updates
all on and off-site activities for self-certifications, audits, and cyber vulnerability assessments through the collection of documents and evidence and interaction with regulatory personnel
response and action items required to ensure audit and cyber vulnerability assessment findings, and non-compliance suspense dates and required regulatory submittals are met
the storage of required NERC compliance documentation and evidence to ensure the material is available and follows BES Cyber System Information requirements
balloting reviews for new and revised NERC Reliability Standards
Presents updates to leadership on the status of programs, plans, reports, and related documents.
Establishes and maintains effective relationships with local industry, regional entities and internal stakeholders to allow for effective achievement of business goals and compliance with program requirements.
Monitors NERC Reliability Standards as well as SERC Compliance Monitoring and Enforcement Program (CMEP), to ensure Seminole remains in compliance with regulatory requirements.
Participates in the NERC Standards Development Process as necessary to ensure Seminole’s interests are addressed when existing standards are revised or new standards are proposed.
Reviews correspondence from NERC, SERC, and industry groups to gain understanding of compliance program and appropriate electric utility industry regulatory requirements.
Performs other duties as applicable to the position or as assigned.
Qualifications and Education Requirements
Bachelor's degree in Computer or Information Sciences, Cyber Security, Electrical Engineering, Mechanical Engineering, Business Administration, Process Management, Auditing, or Risk Management. Alternative degrees in combination with specialized experience and/or certifications may be considered.
Desire two (2) - six (6) years' experience in a combination of the following:
NERC CIP Compliance
Information Technology (IT), Cyber Security or comparable experience with emphasis on technical and security domains
Auditing or Risk Management
Electric Utilities experience subject to NERC Standards
Core Competencies: Adaptable, Collaborative, Conscientious, Critical-Thinking, Outcome-Driven and Professional
Technical Competencies/Skills:
Demonstrated experience or Sufficient Knowledge of:
NERC CIP Reliability Standards
auditing procedures and risk management
change management, incident reporting and response planning
developing, implementing, and maintaining processes, procedures, and evidence
business continuity processes and disaster recovery
basic enterprise cyber security principles
system operator protocols
Transmission, Generation, Distribution, or Energy Management Systems
Proficiency with Microsoft Office applications
Soft Competencies/Skills:
Effective communication and technical writing skills
Ability to:
manage multiple priorities to meet multiple deadlines
direct program work and lead cross-functional team efforts as necessary
interpret data and produce informative reports
assist with related projects as needed
Be self-directed, originate new ideas, and able to present methods to others
Physical Requirements
Must be able to follow established protective measures including wearing required personal protective equipment (PPE). Must have a valid driver’s license and be able to maintain an acceptable motor vehicle report. Must be able to lift 25 pounds if needed.
Working Conditions
Some travel and work outside of normal business hours. While working in certain areas of generating plants there is the potential for exposure to hazards typical of an industrial working environment.
“Disclaimer - Management may modify this job description at any time and may require the performance of additional duties, or modification of physical requirements, with or without advance notice.”
