NERC CIP Senior Security Analyst
About The Position
At National Grid, we keep people connected and society moving. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark. So, join us as a NERC CIP Senior Security Analyst, and find your superpower. We need you! We want to find an innovative, adaptable, and results-oriented NERC CIP Senior Security Analyst for our Security group. This position can be located in Brooklyn, NY, Waltham, MA, Syracuse, NY or Hicksville, NY. If you yearn to be innovative, contribute new ideas, and play a critical part in our US Critical National Infrastructure organization, we want to hear from you! As NERC CIP Senior Security Analyst, you'll be responsible for the comprehensive oversight and execution of all applicable NERC Critical Infrastructure Protection (CIP) standards for an assigned operational scope. Acting as the primary compliance owner for this subset of the program, you'll ensure that regulatory requirements are fully integrated into security, operational, and lifecycle processes to maintain the confidentiality, integrity, and availability of Bulk Electric System (BES) Cyber Systems. You'll be responsible for interpreting NERC CIP requirements, translating regulatory obligations into sustainable controls, and coordinating cross functional implementation with Cyber Security, IT, Operations, Engineering, Legal, and Compliance stakeholders. You'll maintain accountability for program design, documentation, and ongoing effectiveness across the assigned scope, proactively identifying compliance risks, driving mitigation strategies, and ensuring consistent application of standards throughout the system lifecycle. You'll also monitor regulatory developments, industry guidance, and enforcement trends, assessing applicability and leading required updates to processes and controls. Through continuous engagement, advisory support, and risk informed decision making, you'll ensure the assigned portion of the NERC CIP program remains resilient, defensible, and aligned with organizational reliability and security objectives.
Requirements
- Minimum 3+ years of experience working with NERC CIP compliance
- Bachelor’s degree in Cybersecurity, Information Technology, Information Systems, Engineering, or a related discipline, or equivalent utility industry experience
- Demonstrated hands on experience working directly in a NERC CIP compliance role within a registered NERC entity
- In-depth working knowledge of NERC CIP Standards (CIP002 through CIP014) and their application in electric and/or gas utility environments
- Proven experience administering and supporting a NERC CIP Compliance Program
- Technical knowledge of network infrastructure, Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Operational Technology (OT), and Intrusion Detection Systems (IDS)
- Knowledge of IT, OT, cybersecurity, and physical security controls and their intersection with CIP requirements
- Experience conducting or supporting CIP risk assessments, gap analyses, and remediation planning
- Experience supporting internal audits, spot checks, self-certifications, and external NERC or Regional Entity audits
- Ability to independently manage compliance deliverables and meet regulatory timelines
- Strong written and verbal communication skills, including drafting policies, procedures, and audit responses
- Ability to maintain accurate, consistent, and audit ready documentation in accordance with retention requirements
- High level of discretion when handling sensitive or confidential compliance and security information
- Familiarity with NIST Cybersecurity Framework, NIST 800‑53, or NIST 800‑82 in utility environments
Responsibilities
- Assist in the day-to-day administration of the NERC CIP Compliance Program
- Support the development, maintenance, and execution of policies, procedures, and controls aligned with CIP requirements
- Track compliance tasks and help ensure timely completion of deliverables
- Participate in internal and external audits and spot checks
- Gather, organize, and maintain evidence to demonstrate compliance with CIP standards
- Assist in risk assessments, gap analyses, and remediation planning
- Help identify and escalate compliance issues and support mitigation activities
- Work closely with IT, Cybersecurity, OT Cybersecurity, physical security and other teams to support compliance related activities
- Support the delivery of CIP compliance and security awareness training programs
- Help ensure employees understand NERC CIP obligations and responsibilities
- Provide user support for compliance related processes
- Maintain detailed records of compliance activities and evidence in accordance with retention requirements
- Ensure documentation is accurate, consistent, and audit ready
Benefits
- Flexible scheduling
- Health insurance
- Dental insurance
- Vision insurance
- Life insurance
- Disability insurance
- 401k
- Professional development
- Learning and development program
- Employee discount programs
- Wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
