We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Orlando Utilities Commission jobs

NERC CIP Analyst

Orlando Utilities Commission
life insurance, parental leave, sick time, tuition reimbursement
United States, Florida, Orlando
Feb 22, 2025

OUC - The Reliable One, is presently seeking a NERC CIP Analyst to join the Legislative, Reg & Compliance division. At OUC, we don't just work - we're building a bright future of innovation and transformation for future generations.

We are seeking a detail-oriented, compliance-driven professional with a strong background in cyber security to ensure our ongoing adherence to NERC Critical Infrastructure Protection (CIP) standards. This role is pivotal to OUC's mission of maintaining a robust security posture for our critical infrastructure.

You will be responsible for supporting a variety of cyber security compliance initiatives, including managing OUC's NERC CIP program requirements, conducting compliance assessments, and collaborating with internal teams to maintain OUC's standards of due care and due diligence. We are looking for an adaptable self-starter who excels at interpreting standards and thrives in a collaborative, high-stakes environment.

OUC is an industry leader and the second largest municipal utility in Florida committed to innovation, sustainability, and our community, OUC's mission is to provide exceptional value to our customers and community by delivering sustainable and reliable services and solutions.

Join a team of visionary Change Agents, Strategists, and Community Ambassadors who understand the vital role of diverse experiences in powering creativity and industry transformation. At OUC, each position contributes to the success and achievement of our goals. Click here to learn more about what we do.

The ideal candidate will have:

  • Bachelor's degree in Computer Science, Technology, Engineering, or related field from an accredited college or university
  • 3+ years of experience in Cyber Security, NERC CIP Compliance, IT consulting, or Network Engineering
  • Preferred certification: Certified Informational Systems Security Professional (CISSP)
  • Expertise in NERC CIP standards, Ethernet network troubleshooting, cybersecurity program management, including monitoring, incident response, and routine audits
  • Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and cybersecurity tools, including Wireshark and VMware
  • Strong communication and organizational skills for collaborating with business units, interpreting compliance standards, supporting SMEs, preparing documentation, and presenting findings effectively
  • A proactive approach to managing multiple projects and evolving priorities independently

OUC offers a very competitive compensation and benefits package. Our Total Rewards package includes, to cite a few:

  • Competitive compensation
  • Low-cost medical, dental, and vision benefits and paid life insurance premiums with no probationary period.
  • OUC's Hybrid Retirement Program includes a fully-funded cash balance account, defined contribution with employer matching along with a health reimbursement account
  • Generous paid vacation, holidays, and sick time
  • Paid parental leave
  • Educational Assistance Program, to include tuition reimbursement, paid memberships in professional associations, paid conference and training opportunities
  • Wellness incentives and free access to all on-site OUC fitness facilities
  • Access to family-oriented recreational areas
  • Paid Conference and Training Opportunities
  • Free downtown parking
  • Hybrid work schedule

Click here to view our Benefits Summary.

Salary Range: $77,752- $98,440 annually - commensurate with experience

Location: 6003 Pershing Ave. Orlando, FL 32822

Please see below a complete Job description for this position.

Job Purpose:

Responsible for helping ensure OUC's ability to remain compliant with NERC CIP standards, as well as address regulatory issues dictated by the Department of Homeland Security as it relates to Critical Infrastructure/Key Resources. The CIP Analyst is responsible for reviewing, evaluating, and correcting all documentation used to perform or support compliance with these requirements, evaluating and interpreting current and proposed new industry cyber security requirements, and supporting OUC interests in development of new industry cyber security standards.

Primary Functions:

  • Interpret the requirements of NERC CIP standards;
  • Assess NERC compliance application notices, interpretation requests, and ballots relating to Critical Infrastructure Protection (CIP);
  • Schedule periodic CIP Program reviews with other CIP Program Managers, and Subject Matter Experts (SMEs). Create agendas and send invitations;
  • Periodically review access control lists on access points to electronic security perimeters (ESPs);
  • Periodically review both physical and cyber access control logs, and logs of OUC Security Information and Event Management (SIEM) devices supporting OUC Bulk Electric System (BES) Cyber Systems;
  • Conduct quality assurance signoffs for cyber security controls testing;
  • Assist in the preparation of OUC documents (processes, procedures, policies, etc.) supporting CIP compliance;
  • Perform duties as required as a member of the OUC Cyber Security Monitoring Center such as responding to Cyber Security automated system alerts;
  • Provide technical review of NERC balloted CIP standards;
  • Support the other CIP Analysts during peer reviews of standard requirements with other entities of the same registration;
  • Review and evaluate OUC existing processes in meeting CIP standard requirements;
  • Recommend changes to existing processes to better meet CIP standard requirements;
  • Ensure that all compliance related documents follow the standards as specified;
  • Help to ensure proper lifecycle management of all OUC documents classified as sensitive, confidential, or critical;
  • Provide CIP compliance-related expertise to other business units as required;
  • Work closely with other business units responsible for directly implementing CIP-related functions, to ensure compliance;
  • Assist in maintaining and managing various programs required to ensure compliance to CIP standards;
  • Assist teams in routine audits of CIP cyber security controls and Windows based asset classes devices to ensure design functionality and effectiveness;
  • In conjunction with SMEs, identify risks to the reliability of the Bulk Electric System, and develop Internal Controls that will mitigate the risks as well as ensure compliance with regulatory requirements.
  • Perform other duties as assigned.

Technical Requirements:

  • Working knowledge of all, but not limited to, the following:
  • NERC and SERC Rules of Procedures and FERC orders,;
  • Interpret NERC CIP standard requirements;
  • Information systems including client server architectures, communications, and networking, security, and access control;
  • FERC, NERC, and SERC common terminology;
  • Familiarity with all, but not limited to the following:
  • Software Applications (i.e. Syslog server [i.e. Qradar, Splunk, etc.]);
  • Script writing in multiple languages (i.e. Java, shell, etc.);
  • Power shell scripts and similar scripts; VBA Programming;
  • Unix system administration;
  • Related industry, organizational and departmental policies, practices and procedures; legal guidelines, ordinances and laws;
  • Demonstrated effective business communication and consultation skills to communicate effectively across a diverse group both internally and externally.
  • Ability to work independently and initiate appropriate courses of action on assignments.
  • Ability to manage multiple tasks and multiple projects and adapt with shifting priorities.
  • Ability to examine and evaluate data and present alternative actions in relation to the evaluation.
  • Ability to make arithmetic computations using whole numbers, fractions and decimals, and compute rates, ratios, and percentages;
  • Ability to use Microsoft Office Suite (Word, Excel, Outlook, etc.) and standard office equipment (telephone, computer, copier, etc.).

Education/ Certification/ Years of Experience Requirements:

  • Bachelor's Degree in Computer Science Technology, or Engineering, or related field from an accredited college or university
  • Minimum of three (3) years total experience in any of the following areas: Cyber Security, NERC CIP Compliance, IT (consultant experience preferred), or Network Engineering
  • Preferred certification: Certified Informational Systems Security Professional (CISSP)

Working Conditions:

This job is typically performed in an office work environment. May require occasional travel between OUC facilities.

Physical Requirements:

This job requires standing, walking, sitting, repetitive motions, climbing (ladders, stairs, hills, etc.), bending/stooping, reaching over head, kneeling and/or crawling, and lifting up to twenty (20) pounds. This job requires speaking and hearing, typing, reading, writing, and detailed inspection.

OUC-The Reliable One is an Equal Opportunity Employer who is committed through responsible management policies to recruit, hire, promote, train, transfer, compensate, and administer all other personnel actions without regard to race, color, ethnicity, national origin, age, religion, disability, marital status, gender, sexual orientation, gender identity or expression, genetic information and any other factor prohibited under applicable federal, state, and local civil rights laws, rules, and regulations.

EOE M/F/Vets/Disabled

Applied = 0
MORE JOBS LIKE THIS

(web-7d594f9859-2nzb9)