At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams. Apply here to start an extraordinary career today.
AES Clean Energy is hiring a Senior NERC CIP Compliance Specialist who will be responsible for providing leadership, independent compliance oversight, guidance, and direction necessary to maintain ongoing compliance with the NERC Critical Infrastructure Protection (CIP) Standards to support reliable operation of the Bulk Electric System (BES). This role is a key member of the Legal and NERC Compliance team within AES Clean Energy.
This position is remote (US territory only) with a 10% of travelling to the AES offices in the US.
Primary Duties and Responsibilities
- Demonstrate in-depth understanding of applicable NERC CIP Standards.
- Maintain sound technical understanding of NERC compliance monitoring and enforcement processes.
- Perform detailed and technical walkthroughs of procedures and evidence used to demonstrate compliance with applicable NERC CIP Standards.
- Lead risk-based, periodic mock audits and gap assessments to ensure compliance with applicable NERC CIP Standards.
- Communicate applicable NERC compliance information, Standards, and Requirements in a clear, concise manner.
- Provide strategic direction and compliance oversight in developing, implementing, and evaluating project plans, goals, and timelines for the implementation of internal controls across all applicable CIP Standards.
- Coordinate proactive development of policies, plans, procedures, and recordkeeping of evidence with internal organizations to ensure compliance with NERC CIP Standards and Requirements.
- Assist the business development teams in defining scopes of service for third-party contractors and reviewing proposed contract changes as they relate to NERC Standards.
- Participate in the evaluation and mitigation of potential CIP compliance concerns.
- Facilitate periodic internal compliance assessments and spot checks on applicable CIP Standards.
- Monitor and report on NERC CIP compliance status to various internal partners. This includes both summary compliance/risk reporting for the Executive Leadership Team as well as targeted, practical reporting to other stakeholder groups.
- Develop and deliver NERC CIP compliance training for various audiences.
- Collaborate with applicable business areas to identify and implement technologies to automate and streamline compliance monitoring and reporting processes.
- Apply understanding of NERC compliance monitoring and enforcement processes to provide recommendations and/or solutions to compliance issues.
- Act as a liaison between the NERC Compliance team and internal collaborators on topics related to NERC CIP compliance.
- Participate in industry focus groups and conferences to share information and stay abreast of the ever-changing NERC compliance landscape.
- Assist in developing responses to regulatory compliance requests, enforcement actions, and data-reporting from a NERC CIP compliance perspective.
Skills and Experience
AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion. Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work. All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and/or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law. E-Verify Notice: AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
The expected salary for this position, at commencement of employment, is between $75,000 and $106,250/Annual; however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements such as annual bonus, in addition to a full range of medical, dental, vision, life, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave), dependent on the position offered. Details of participation in these benefit plans will be provided if a candidate receives an offer of employment. If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.
- Bachelor's degree in Computer Science, Business Management, Engineering or equivalent knowledge and experience is desired.
- Three to five years of related work experience.
- CISSP, CISA, or similar certification(s) is a plus.
- Ability to manage, prioritize, and complete multiple activities, depending on the needs of the team and the business.
- Experience with CIP specific audit skills, internal controls development, cyber and/or physical security, and related industry regulatory issues.
- Experience with NERC and Regional portal administration applications.
- Experience in implementing and/or maintaining a NERC CIP compliance program.
- Highly motivated, self-starter willing to take on new challenges.
- Prior NERC CIP and GO/GOP compliance experience including compliance monitoring, training, and audit support.
- Exceptional attention to detail with commitment to fostering a culture of compliance and security.
- Strong project management skills.
- Working knowledge of Microsoft Word, Excel, PowerPoint, and SharePoint.
- Experience with applying risk management frameworks is a plus.