CIP Compliance Program Manager
About The Position
Provides governance, coordination, documentation, and compliance assurance for Platte River’s North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) program. Partners closely with Information Technology (IT), Operational Technology (OT), Physical Security, and business units to ensure applicable CIP requirements are implemented, evidenced, and audit-ready across Low and Medium Impact BES Cyber Systems. The position resides within the Cybersecurity organization and serves as the primary point of coordination for CIP compliance activities, internal reviews, and audit preparation. The role works in close coordination with the Reliability Compliance organization to support regulatory compliance activities while remaining independent of the Registered Entity compliance function. System ownership and control implementation remain with IT, OT, and other designated control owners across the organization. This role is critical to ensuring the secure and reliable operation of the Bulk Electric System by supporting compliance with evolving NERC CIP standards. This posting will close no later than February 26.
Requirements
- Strong understanding of NERC CIP standards and compliance expectations
- Ability to evaluate technical implementations for: Electronic Security Perimeters (ESPs) Interactive Remote Access (IRA) solutions Jump hosts and access gateways Firewall rulesets and logging controls System integrity monitoring solutions and controls
- Familiarity with Identity and Access Management (IAM) and Privileged Access Management (PAM)
- Ability to interpret regulatory requirements and translate them into actionable compliance guidance
- Excellent organizational skills and attention to detail
- Strong verbal and written communication skills
- Ability to work independently with limited supervision
- Proficiency in Microsoft Office suite
- Ability to conduct research, develop compliance documentation, and recommend courses of action
- Five years in NERC CIP compliance, regulatory compliance, cybersecurity governance, or audit-related work experience in technical or regulatory documentation and evidence development.
- Demonstrated experience supporting NERC CIP audits, self-certifications, or internal compliance reviews.
- Bachelor's degree in information technology, cybersecurity, engineering, or related technical field, or equivalent experience
- GIAC GCIP certification or ability to obtain within one year.
- Valid driver’s license and ability to remain insurable under the vehicle liability policy.
- A bachelor’s degree in information systems, cybersecurity, engineering, or related field is preferred; a high school diploma or GED is required.
Responsibilities
- CIP compliance governance and coordination
- CIP program documentation and evidence management
- Compliance assurance and internal controls
- Audits and regulatory interface
- IT and OT compliance interface
- CIP training and program support
- Compliance tooling and automation
- Standards monitoring and industry participation
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
