Manager, NERC Compliance (Lead) – CIP

About The Position

Requirements

• Deep understanding of NERC CIP standards CIP-002 through CIP-014.
• Working knowledge of O&P standards and their intersection with CIP requirements.
• Knowledge of DER aggregation, utility-scale solar, and BESS operations.
• Familiarity with NIST 800-53 security controls.
• Strong written and verbal communication skills.
• Expert-level audit defense and documentation skills.
• Proficiency with compliance systems (Jira, Confluence, SharePoint, ServiceNow, etc.).
• Strong analytical, organizational, and governance-building skills.
• Ability to collaborate cross-functionally in technical and operational environments.
• Ability to lead end-to-end CIP program development and sustainment.
• Ability to manage multiple audits, evidence requests, and compliance workflows.
• Ability to translate regulatory requirements into operational controls.
• Ability to design scalable, future-ready compliance architectures.
• Ability to build trust and communicate effectively across technical and executive teams.
• Ability to sit, stand, and work at a computer for extended periods.
• Ability to travel to NJ and other locations for audits, site visits, and operational meetings.
• Ability to safely navigate utility sites and control center environments.
• Bachelor’s degree in engineering, Cybersecurity, Information Systems, or related field (or equivalent experience).
• 8–12+ years of NERC CIP program management or audit leadership at a registered entity (GOP, TOP, RC, BA).
• Demonstrated success implementing and sustaining Low, Medium, or High Impact CIP programs.
• Experience with Regional Entity audits (RF, NPCC, SERC, WECC, etc.) and mitigation documentation.
• Strong familiarity with CIP and O&P coordination.

Nice To Haves

• Experience with DER aggregation, utility-scale solar, BESS, or Medium/High Impact Control Centers.
• Experience building compliance programs in a fast-growing renewable energy environment.
• CISA – Certified Information Systems Auditor
• NERC certifications (preferred but not required)
• Additional cybersecurity or compliance credentials

Responsibilities

• Establish and continuously improve QE Solar’s NERC CIP compliance program (CIP-002 through CIP-014).
• Own CIP-related policies, procedures, workflows, and governance structures.
• Serve as central liaison between OT, IT, Security, Legal, Operations, and Consultants.
• Ensure implementation of technical and administrative controls that meet compliance requirements.
• Oversee RSAWs, evidence, documentation, and compliance records via Jira/Confluence, SharePoint, or ServiceNow.
• Lead NERC/Regional audits, spot checks, and data requests.
• Design scalable compliance architecture supporting DER growth and potential High Impact classification.
• Support automation initiatives and process efficiencies.
• Mentor compliance and cybersecurity staff and promote proactive compliance culture.