Demo

CIP Engineer / Specialist, Risk Assessment and Mitigation

SERC Reliability Corporation
Charlotte, NC Full Time
POSTED ON 3/10/2025
AVAILABLE BEFORE 6/9/2025

SERC OVERVIEW :

The electric grid is vital to our everyday lives. It is fundamental for the health, safety, and well-being of our communities, and provides the platform for our economy and our societal and technological advances. SERC's mission is to reduce risks to the reliability and security of the electric grid (also known as the bulk power system), not only for today but also for the future.

To achieve this mission, we maintain a diverse team of experts across numerous disciplines in order to address the complex, evolving, and dynamic challenges facing the grid. Our team also partners with the best and brightest individuals from both the power industry and the federal government to understand and address the challenges facing the grid. These key partnerships make our work more informed, pragmatic, responsive, and impactful.

POSITION SUMMARY :

The CIP Engineer / Specialist, Risk Assessment and Mitigation is responsible for performing risk assessments of potential Bulk Electric System noncompliance issues and associated mitigating activities, verifying the completion of those mitigating activities, performing inherent risk assessments of registered entities, and participating in internal controls assessments of registered entities in support of the Compliance Monitoring and Enforcement Program for CIP Reliability Standards.

DUTIES AND RESPONSIBILITIES :

Compliance Enforcement Process

  • Provide subject matter expertise on Critical Infrastructure Protection (CIP) and cyber / physical security.
  • Act as compliance Single Point of Contact (SPOC) for registered entities, as assigned, to respond to potential noncompliances, and investigate, evaluate and make risk determinations of alleged violations; record relevant violation information in the compliance tracking and reporting system.
  • Develop comprehensive risk determination documentation comprising the relevant record for each assigned CIP noncompliance processed.
  • Communicate with registered entities, NERC, and other regions as necessary to investigate noncompliances and to pursue appropriate enforcement actions.
  • Review submitted mitigation plans for appropriate content; work with registered entities to produce mitigation plans to remedy violations and recommend mitigation plans for regional acceptance.
  • Respond to inquiries from registered entities, other SERC staff, other regional entities and NERC.
  • Obtain, document, and reference evidence and documentation in support of settlement discussions.
  • Utilize, create and maintain when appropriate, database queries and reports in support of compliance processing.
  • File documentation related to each step of the Compliance Monitoring and Enforcement Program process in the appropriate documentation repository.
  • Develop and produce compliance enforcement materials in support of presentations to the SERC Board of Directors and committees.
  • Perform initial screening and prioritization of new issues (self-report, audit findings, complaints, disturbances, or events).
  • Provide evidence, testimony, and documentation in support of Hearing Proceedings, as needed.

Risk Assessment

  • Assess regional risk on a periodic basis.
  • Assess entity level risk and controls in preparation for scoping compliance monitoring activities, as appropriate.
  • Assess risk / harm of Possible Violations and recommend Enforcement disposition commensurate with the assessed risk posed by the specific violation.
  • Identify and analyze emerging risks that have potential impact to the Bulk Electric System in conjunction with events analysis and compliance assessments.
  • Develop registered entity risk assessments.
  • Participate in registered entity internal control reviews.
  • Compliance Program Support

  • Assume responsibility as a subject matter expert for the development and revision of compliance implementation procedures and guides.
  • Review and summarize data analysis on CIP-related issues, including themes and trends.
  • Manage potential non-compliances of CIP issues and their related mitigation plans.
  • Facilitate, and lead where applicable, inter-regional working groups including scheduling and meeting preparations, agenda management, taking minutes, and maintaining task lists; participate in stakeholder interface group meetings, as assigned.
  • Perform other assignments as directed.
  • QUALIFICATIONS :

  • Comprehensive and in-depth knowledge of NERC critical infrastructure protection standards.
  • Familiarity with security controls, their implementation and use in a networked or stand-alone environment.
  • Excellent organizational and time management skills.
  • Project management skills.
  • Ability to work with and analyze data-intensive and detailed information, and to draw meaningful conclusions from that information.
  • Computer skills, proficient with Microsoft Office applications, including Word, Excel, Access, and PowerPoint.
  • Effective communication skills (face-to-face, telephone, written and email, and presentation skills).
  • EDUCATION AND / OR EXPERIENCE :

  • Five years of experience associated with computer systems used in the electric utility industry, or 5 years of experience in securing computer systems, including both physical and electronic security; experience working within an electric utility Control Center preferred.
  • Four year and / or higher educational degree in Engineering, Computer Engineering or Computer Science / Technology, or equivalent experience.
  • One or more of the following certifications, or the ability to obtain within 12 months :
  • Certified Information System Auditor (CISA)

  • Certified Information System Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • COMMITMENT TO CULTURE :

    SERC is dedicated to being a highly desirable place to work through culture and purpose. We place a strategic focus on critical elements such as Diversity & Inclusion, Innovation & Collaboration, and Organizational Development & Talent Management. Through this strategic focus, SERC has identified its four Cultural Attributes that we believe keeps us on the path of continuous improvement.

    CULTURAL ATTRIBUTES :

  • Leader - Is trustworthy, principled, and respectful and strive to create value that reduces risk. Has a positive vision and is actively building support to execute it. A leader takes personal accountability for the outcomes of their choices and actions, acts with professionalism and adapts to change in a calm and positive manner. A leader will, when appropriate, ask questions and recommend alternative solutions to new processes or procedures.
  • Collaborative - Partner and engage, both internally and externally, to drive meaningful action by leveraging skills, knowledge and tools. This would include effective written and verbal communication to ensure ideas and messages are clearly and concisely conveyed, being responsive to all stakeholders, understanding goals and objectives while exceeding key metrics and targets. Encourages dialog and candor while making it safe for others to voice their opinion to ensure all alternative viewpoints are heard, they are an active listener.
  • Expert - Being credible, objective, disciplined, and sought after to help with continuous learning, improvements, and innovations. Exhibit knowledge of and ensures compliance with industry best practices and regulations. Take initiative to set priorities and convey important information in a timely and efficient manner. Employ good judgment when evaluating a problem by analyzing risk and identifying consequences while demonstrating a sense of organizational stewardship.
  • Purposeful - Proactively demonstrate initiative, intentionality and resourcefulness to help anticipate and navigate current and future challenges. Committed to the quality of work and ensures work is delivered at appropriate deadlines while seeking operational efficiencies. Initiate appropriate follow-up while leveraging industry knowledge and business acumen to make appropriate decisions. Treat others with compassion and empathy and embrace the organization's mission and vision while providing meaningful contributions to organizational endeavors.
  • If the traits and characteristics listed in our Cultural Attributes resonate with you, we encourage you to apply!

    SALARY / BENEFITS :

    The salary range for this position is DOE. We offer a generous PTO package; paid holidays; medical, dental, vision, life, short-term and long-term disability insurance, and a 401(k) plan with an organization contribution of up to 14%.

    WORK ENVIRONMENT :

    The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Hybrid work environment; 50 / 50 Split in the Charlotte office and remote work (department weekly common day = Tuesdays); ability to travel as needed.
  • SERC is an Equal Opportunity Employer

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a CIP Engineer / Specialist, Risk Assessment and Mitigation?

    Sign up to receive alerts about other jobs on the CIP Engineer / Specialist, Risk Assessment and Mitigation career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $107,623 - $139,321
    Income Estimation: 
    $133,494 - $170,282
    Income Estimation: 
    $131,105 - $151,214
    Income Estimation: 
    $128,269 - $173,633
    Income Estimation: 
    $157,111 - $225,157
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $73,707 - $95,263
    Income Estimation: 
    $91,142 - $116,690
    Income Estimation: 
    $80,876 - $132,043
    Income Estimation: 
    $91,142 - $116,690
    Income Estimation: 
    $116,347 - $154,557
    Income Estimation: 
    $150,417 - $183,047
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Not the job you're looking for? Here are some other CIP Engineer / Specialist, Risk Assessment and Mitigation jobs in the Charlotte, NC area that may be a better fit.

    CIP-Specialist

    Prime Beverage Group LLC, Concord, NC

    Civil Engineer (Mitigation Specialist)

    Total Solutions, Inc. (TSI), Charlotte, NC

    AI Assistant is available now!

    Feel free to start your new journey!