Senior Specialist, NERC CIP Compliance

At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams. Apply here to start an extraordinary career today.

AES Clean Energy is hiring a Senior NERC CIP Compliance Specialist who will be responsible for providing leadership, independent compliance oversight, guidance, and direction necessary to maintain ongoing compliance with the NERC Critical Infrastructure Protection (CIP) Standards to support reliable operation of the Bulk Electric System (BES). This role is a key member of the Legal and NERC Compliance team within AES Clean Energy.

This position is remote (US territory only) with a 10% of travelling to the AES offices in the US.

Primary Duties and Responsibilities

• Demonstrate in-depth understanding of applicable NERC CIP Standards.
• Maintain sound technical understanding of NERC compliance monitoring and enforcement processes.
• Perform detailed and technical walkthroughs of procedures and evidence used to demonstrate compliance with applicable NERC CIP Standards.
• Lead risk-based, periodic mock audits and gap assessments to ensure compliance with applicable NERC CIP Standards.
• Communicate applicable NERC compliance information, Standards, and Requirements in a clear, concise manner.
• Provide strategic direction and compliance oversight in developing, implementing, and evaluating project plans, goals, and timelines for the implementation of internal controls across all applicable CIP Standards.
• Coordinate proactive development of policies, plans, procedures, and recordkeeping of evidence with internal organizations to ensure compliance with NERC CIP Standards and Requirements.
• Assist the business development teams in defining scopes of service for third-party contractors and reviewing proposed contract changes as they relate to NERC Standards.
• Participate in the evaluation and mitigation of potential CIP compliance concerns.
• Facilitate periodic internal compliance assessments and spot checks on applicable CIP Standards.
• Monitor and report on NERC CIP compliance status to various internal partners. This includes both summary compliance/risk reporting for the Executive Leadership Team as well as targeted, practical reporting to other stakeholder groups.
• Develop and deliver NERC CIP compliance training for various audiences.
• Collaborate with applicable business areas to identify and implement technologies to automate and streamline compliance monitoring and reporting processes.
• Apply understanding of NERC compliance monitoring and enforcement processes to provide recommendations and/or solutions to compliance issues.
• Act as a liaison between the NERC Compliance team and internal collaborators on topics related to NERC CIP compliance.
• Participate in industry focus groups and conferences to share information and stay abreast of the ever-changing NERC compliance landscape.
• Assist in developing responses to regulatory compliance requests, enforcement actions, and data-reporting from a NERC CIP compliance perspective.

Skills and Experience

• Bachelor's degree in Computer Science, Business Management, Engineering or equivalent knowledge and experience is desired.
• Three to five years of related work experience.
• CISSP, CISA, or similar certification(s) is a plus.
• Ability to manage, prioritize, and complete multiple activities, depending on the needs of the team and the business.
• Experience with CIP specific audit skills, internal controls development, cyber and/or physical security, and related industry regulatory issues.
• Experience with NERC and Regional portal administration applications.
• Experience in implementing and/or maintaining a NERC CIP compliance program.
• Highly motivated, self-starter willing to take on new challenges.
• Prior NERC CIP and GO/GOP compliance experience including compliance monitoring, training, and audit support.
• Exceptional attention to detail with commitment to fostering a culture of compliance and security.
• Strong project management skills.
• Working knowledge of Microsoft Word, Excel, PowerPoint, and SharePoint.
• Experience with applying risk management frameworks is a plus.