Seeking a Manager, Cyber Compliance - NERC CIP for a direct hire opportunity in Irving, TX. This person will work onsite 3 days a week and typically mid week and more if needed for audit (hybrid).
•Maintain adherence with cyber security aspects of regulatory compliance obligations (NERC CIP, PCI, NACHA & SOX)
•Oversee interaction with cyber security auditors and regulators
•Participate with plan, design, and enhancement of the processes used to meet and provide evidence of compliance with cyber security regulations and technology best practices
•Support metrics processes that track the status of compliance, effectiveness and health of the control set.
•Maintain Security Awareness program to meet compliance, security and risk requirements and standards.
•Assist with internal/external audits, HR, and legal inquiries; maintains strong working relationships with these groups
Education, Experience & Skill Requirements
•Experienced gained through college degree programs and/or certifications in technology related field, or equivalent experience
•4+ years' experience in multi-disciplined compliance with a strong understanding of PCI, SOX, NERC CIP, NIST, NACHA
•Demonstrate ability to influence decision-making processes at all levels of a large organization
•Demonstrate ability of IT Compliance, Governance best practices and Performance Improvement principles
•Ability to translate compliance regulations into language that is meaningful to many audiences
•Ability to explain compliance obligations and findings to any audience, and discuss effective implementation and remediation approaches
•Working knowledge of agile framework and methodologies
•Professional certification a plus (e.g., CISM, CISA, CISSP)
•Strong interpersonal and communication skills, and problem-solving abilities
•Providing operational and executive metrics reporting the state of compliance across regulatory obligations (NERC CIP, PCI, SOX, NACHA, etc)
•Control effectiveness, automation, efficiency and efficacy
•Developing short- and long-term strategies to improve security awareness and new compliance implementations
•Compliance finding mitigation trends
Additional Job Description
- Experience driving a NERC CIP project or initiative
- Demonstrated experience with GO/GOP applicable CIP Requirements
- Ability to create and disseminate NERC CIP training to the team
- Demonstrated ability to balance compliance and security tasks related to risk in CIP-related areas
- Ability to establish metrics/methodology/playbooks for successful NERC CIP compliance program
- Experience identifying potential Cyber Security events/incidents
- Established skills in leadership reporting and accountability of NERC CIP program.