GRC with NERC CIP

VDart, Inc. Logo
VDart, Inc.
San Diego, CA, United States
  • Environmental
  • FullTime
  • Shift
  • Applications have closed

Role: Risk & Compliance NERC CIP

Location: – San Diego, CA Onsite / HYBRID 3 days at office every week and 2 days remote.

Job Description:

Work-Experience:

  • Total 8-10 years in IT Technical role with at least 7 years’ experience in Information Security and exposure to regulatory audits and testing.

Type of Experience:

  • Possess strong knowledge of IT security technologies, operating systems, databases, and network infrastructure.
  • Experienced in implementing, managing, and auditing security and compliance regulations (NERC CIP, SOX, PCI DSS, GDPR, HIPAA, GLBA), standards (ISO 27001, BS 17799), and frameworks (ITIL, NIST, COBIT).
  • Hands-on experience with GRC tools for building and supporting Governance, Risk, and Compliance solutions.
  • Proficient in risk management, compliance assurance, and audit processes.
  • Coordinate Information Security initiatives to support NERC CIP, SOX or regulatory compliance activities.
  • Demonstrated success in delivering risk and compliance management services within a client-based delivery environment

Certifications

  • CISSP / CISA / CISM / ISO 27001 is a must, along with other technical certification like CCNA, CCNP, CCSA etc.

Areas of Responsibility

  • Develop and maintain NERC CIP compliance frameworks, policies, and procedures.
  • Collaborate with internal and external stakeholders to fulfill security audit requirements and facilitate audit processes.
  • Design and implement NERC CIP control testing procedures tailored to the organization’s IT environment.
  • Conduct control testing for NERC CIP compliance across applications and IT infrastructure.
  • Monitor and report Key Risk Indicators (KRIs), and perform root cause analysis for significant deviations.
  • Continuously assess the effectiveness of existing security measures and identify areas requiring remediation.
  • Review, design, and implement IT security procedures and guidelines across various IT functions and services.
  • Maintain documentation and evidence in accordance with BES Cyber System Information requirements.
  • Generate reports to support compliance monitoring and continuous improvement initiatives, ensuring alignment with internal security policies and regulatory requirements
  • Manage and respond to information security incidents in a timely and effective manner.
  • Support compliance initiatives at both functional and organizational levels, with a focus on information security and risk management.
  • Understanding of GRC tool for policy or regulatory compliance Management
  • Lead and mentor a team of compliance analysts and security professionals to ensure effective execution of compliance activities

Soft Skills Required

  • Strong problem-solving skills, effective team collaboration, and excellent communication and documentation abilities.
  • Capable of managing multiple tasks across diverse teams within a broad domain.
  • Proficient in preparing informative presentations and MIS documentation.
  • Willing to work in rotational shifts
  • Adheres to organizational policies and procedures in alignment with Information Security guidelines.
  • Self-motivated and proactive, with the ability to take initiative and work independently with minimal supervision
Apply for job