NERC CIP Analyst
Previous Job
Previous
NERC CIP Analyst
Ref No.: 18-35575
Location: Irwindale, California
Position Type:Contract
Start Date: 05/22/2018
NERC CIP Compliance Analyst for IT Computing Services Department responsible for NERC CIP Regulatory Compliance issues and matters. Serve as a primary liaison and lead between Computing Services and NERC Compliance & Governance.

Responsibilities:
Perform SCADA System compliance including: Critical Asset identification and Classification, Security Vulnerability Assessment, Risk Analysis, Mitigation/Remediation, Validation
Perform system compliance on Centralized Remedial Action Scheme (CRAS)
Ensure all evidence, processes and controls comply with NERC CIP v5 Standards for in scope assets
Collect evidence and troubleshoot technical configuration issues utilizing centralized logging and password management tools
Coordinate/collaborate with technical engineers on compliance network related issues with routers and switches pertaining to their roles and functions as Electronic Access Point (EAP) and/or Access Control List (ACL)
Assist and partook in major on site Regional Entity Audits with Western Electricity Coordinating Council (WECC)
Oversee post-implementation of new NERC HW/SW rollouts and/or refresh to ensure that all input/output and interface controls are properly implemented and protected while retaining data integrity throughout the cycles
Manage and ensure that proper internal controls are sound and are firmly supported with strong written procedures
Ensure and review the defense best practices by checking proper usage of Intrusion Detection System (IDS) and accuracy to alert any and all unauthorized login attempts to highly protected Domains and Critical Cyber Assets (CCA).

Preferences:
Bachelor's degree in Computer Science, Computer Information Systems or similarly related field.

Minimum requirements:
Minimum 5 years experience with NERC CIP Compliance
Minimum 5 years experience with SCADA System Compliance
Experience with CRAS System compliance
Experience with Public Key Infrastructure (PKI)