Critical Infrastructure Protection (CIP) Analyst

About The Position

Requirements

• Communication Skills: must have the ability to clearly communicate verbally and in writing in English.
• Multi-tasking: must have the ability to simultaneously perform multiple assignments.
• Interpersonal Skills: ability to interface effectively with different levels of the organization both internally and with clients.
• Computers & Software: basic working knowledge and ability using Microsoft Excel, Outlook, and Word.
• Knowledge: Must have basic knowledge level in Compliance Services, especially in the Utility industries.
• Education Required: An associate degree or 60 college credit hours or higher.
• Experience Required: 1-3 years of experience in an equivalent firm or electric utility experience in either an engineering, technical, regulatory, or operational role; or a minimum of 3 years in information technology.
• Physical Ability to remain in a stationary position for long periods while working at a computer.
• Ability to operate a computer and other standard office equipment.
• Ability to occasionally move about the office as needed, if working on office.

Nice To Haves

• Preferred: A bachelor’s degree in Electrical Engineering or Computer Engineering.
• Licensing/Registration/Certification Preferred: Certified Information Systems Security Professional (CISSP)

Responsibilities

• Delivering high-quality CIP compliance services aligned with Certrec standards, regulatory requirements, and client expectations.
• Serving as a CIP subject-matter resource in client interactions, project meetings, and compliance engagements, while supporting strong client relationships and identifying potential service opportunities.
• Managing assigned CIP compliance activities, including audits, self-assessments, gap analyses, Internal Compliance Programs (ICPs), and compliance investigations, and providing recommendations based on regulatory changes or identified risks.
• Developing, reviewing, and maintaining CIP compliance artifacts, including client procedures, training materials, BES Asset Matrices, network diagrams, and supporting evidence.
• Evaluating and documenting client physical security programs, including access controls, detection measures, and mitigation strategies.
• Performing peer reviews of CIP work products and proactively identifying and escalating risks that may impact project quality, schedule, or scope.
• Ensuring project scope is appropriately managed and that any changes receive proper client approval and internal alignment.
• Reporting project status to clients in coordination with the Project Manager and identifying opportunities to improve or streamline compliance processes.
• Supporting and mentoring lower-level CIP analyst and collaborating across departments to meet business needs.
• Creating and maintaining training materials and delivering instruction on Certrec platforms and tools.
• Gathering, reviewing, and organizing client evidence for CIP procedures, self-assessments, data submittals, RSAWs, and related compliance activities.
• Maintaining accurate time reporting and meeting billable utilization expectations.
• Staying current on Certrec products and applicable NERC and Regional Entity CIP Reliability Standards and applying this knowledge to client work.
• Complying with all company policies and procedures.