NERC CIP Compliance Technical Auditor

Are you ready to be part of a company that's not just talking about the future, but actively shaping it? Join The AES Corporation (NYSE: AES), a Fortune 500 company that's leading the charge in the global energy revolution. With operations spanning 14 countries, AES is committed to shaping a future through innovation and collaboration. Our dedication to innovation has earned us recognition as one of the Top Ten Best Workplaces for Innovators by Fast Company in 2022. And with our certification as a Great Place to Work, you can be confident that you're joining a company that values its people just as much as its groundbreaking ideas.

AES is proudly ranked #1 globally in renewable energy sales to corporations, and with $12.7B in revenues in 2023, we have the resources and expertise to make a significant impact as we provide electricity to 25 million customers worldwide. As the world moves towards a net-zero future, AES is committed to meeting the Paris Agreement's goals by 2050. Our innovative solutions, such as 24/7 carbon-free energy for data centers, are setting the pace for rapid, global decarbonization.

If you're ready to be part of a company that's not just adapting to change, but driving it, AES is the place for you. We're not just building a cleaner, more sustainable future - we're powering it. Apply now and energize your career with a true leader in the global energy transformation.

Qualifications:

AES Clean Energy is seeking a highly technical NERC CIP Compliance Technical Auditor to provide leadership, independent oversight, and expert guidance in maintaining continuous compliance with the NERC CIP Standards that support the reliable operation of the Bulk Electric System. This role requires a strong technical foundation in cybersecurity, operational technology, and controlsystem environments, along with the ability to perform detailed technical assessments, validate complex security controls, and interpret technical evidence with precision. As a key member of the Compliance team, this position plays a critical role in driving a robust, technically sound culture of NERC CIP compliance across the organization.

Primary Duties and Responsibilities

• Demonstrate deep expertise in applicable NERC CIP Standards (CIP002 through CIP014).
• Maintain strong technical knowledge of NERC compliance monitoring and enforcement processes.
• Clearly and concisely communicate NERC compliance requirements, standards, and expectations to Subject Matter Experts (SMEs).
• Conduct periodic internal compliance assessments and spot checks to verify adherence to applicable Standards.
• Monitor updates to new and existing CIP Standards, and coordinate comments from internal SMEs for industry commenting and balloting activities.
• Support legal and project management teams by defining scopes of service for thirdparty contractors and reviewing contract changes for alignment with NERC Standards.
• Participate in evaluating potential compliance concerns as a member of the NERC compliance team.
• Collaborate with IT and OT teams to identify, recommend, and implement technologies that automate and streamline compliance monitoring and reporting processes.
• Apply knowledge of NERC monitoring and enforcement processes to develop solutions and recommendations for compliance issues.
• Serve as a liaison between NERC Compliance and internal stakeholders on all compliancerelated matters.
• Engage in industry focus groups and conferences to remain informed about evolving NERC compliance expectations and best practices.
• Lead responses to regulatory requests, enforcement actions, and datareporting obligations from a NERC CIP perspective

• Skills and Experience

• Bachelor's degree in Computer Science, Information Systems/Security, Computer or Systems Engineering, or a related technical field, with 4-6 years of NERC CIP experience demonstrating ability to perform required responsibilities.
• Foundational knowledge of information technology, cybersecurity, operations technology, networking systems, and/or EMS operations.
• Experience participating in IT audits and implementing or overseeing security and internal controls.
• Strong leadership, interpersonal, analytical, and timemanagement skills.
• Proven ability to work effectively and lead across multiple organizations and stakeholder groups.
• Experience with Industrial Control Systems (ICS).
• Excellent verbal and written communication skills.
• Ability to manage, prioritize, and execute multiple priorities and projects in a dynamic environment.
• Experience performing internal spot checks and compliance assessments.
• Handson experience supporting or monitoring a NERC CIP compliance program.
• Highly motivated selfstarter with a strong desire to take on new challenges.
• Previous CIP and GO/GOP/TO/TOP compliance experience including monitoring, training, and audit support.
• Exceptional attention to detail and commitment to fostering a culture of compliance.
• Strong project management capabilities.
• Proficiency with Microsoft Word, Excel, PowerPoint, and SharePoint.
• Ability to apply one or more riskmanagement frameworks (preferred but not required).
• Optional but beneficial certifications: CISA, CIA, Security+.