Regulatory Compliance Associate

About The Position

Requirements

• Bachelor's degree in Computer Science or related discipline and 5-8 years of related experience or in lieu of a degree, 9-12 years of relevant work experience.
• Strong knowledge of business practices and processes in a regulatory environment, specifically NERC CIP.
• Experience leading projects or teams and knowledge of project management.
• Strong problem solving and analysis ability.
• Excellent communications skills (written and verbal). Able to present complex information both verbal and written to multiple levels of the organization.
• Ability to lead remote project teams and individuals.
• Strategic, forward thinking, solid planning and organizational skills.

Nice To Haves

• Experience with CIP specific audit skills, controls, cyber and physical security, and related industry regulatory issues- preferred.
• NERC and Regional portal administration applications: Align, Evidence Reporting Tool- preferred.
• Experience writing program level documentation (Policies, Processes, and Procedures)- preferred

Responsibilities

• Facilitate cross-department coordination of NERC CIP Standards: Collaboratively work on audit preparation and management of Reliability Standard Audit Worksheet (RSAW) development.
• Coordinate with applicable departments to ensure compliance with NERC CIP.
• Report of potential noncompliance in NERC Align system and the Secure Evidence Locker.
• Drafting self-reports and mitigation plans, as needed.
• Ensure the development of processes, workflows and evidence required for compliance to the CIP standards for which NERC CIP Assurance is accountable.
• Collaboratively work to ensure the development of processes, workflows and evidence required to meet the CIP Security Controls developed and implemented by the NERC CIP Assurance team.
• Collaboratively work with all other NERC CIP applicable business areas to develop processes, workflows and evidence necessary to achieve the NERC CIP compliance objectives.
• Provides input on process improvements to NERC CIP Compliance program.
• Identifies, resolves, and escalates, as needed, more complex program issues.
• Identify areas for improvement and take action to resolve.
• Build strong relationships with business partners and other stakeholders (NERC and Regional Entities).
• Establish positive team environment by proactively assisting and training less experienced personnel.
• Proactively engages in training and development programs to improve and maintain job performance and promote professional growth and development.
• Support other regulatory needs of the company.
• Integrate and align information security and/or cybersecurity policies to ensure system analysis meets regulatory security requirements.
• Lead and align information technology (IT) security priorities with the security strategy.
• Interpret and apply laws, regulations, policies, standards, or procedures to specific issues.
• Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
• Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.
• Define and implement policies and procedures to ensure protection of real time critical infrastructure and meet regulatory commitments.
• Assist in development, analysis, maintenance, and training of EDPR NA’s policies, procedures, standards, and other systematic preventive measures developed to ensure adherence with applicable compliance requirements and industry best practices.

Benefits

• Empower our employees through a positive and innovative work environment that promotes collaboration and agile decision-making
• Respect and value each person, providing a flexible, healthy, and inclusive workplace with a range of attractive benefits
• Provide a meaningful work experience and prepare our people for future challenges through different opportunities for development and internal mobility