About The Position

This position provides subject matter expertise and independent oversight for a cybersecurity and reliability compliance program aligned to the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards. The role involves leading risk-informed compliance activities, maintaining and enhancing internal controls, supporting audit readiness, and collaborating with IT, Operations, Security, and Engineering teams to implement sustainable processes. Candidates with relevant experience in cybersecurity, GRC, IT audit, or network/IT security operations are encouraged to apply; prior NERC CIP experience is not a prerequisite, as onboarding, training, and mentorship will be provided.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Computer Engineering, Information Assurance, or a related field, or an equivalent combination of education and relevant experience.
  • Minimum of five (5) years’ experience in an IT-related function.
  • Strong foundational knowledge of cybersecurity concepts (e.g., networking, firewalls, IDS/IPS, VMs, identity and access management, patch and change management) and the ability to learn and apply regulatory requirements (including NERC CIP) with training and support.
  • Experience creating, maintaining, or validating policies/procedures, control documentation, and audit-ready evidence (e.g., for security, IT controls, or compliance programs).
  • Demonstrated ability to work independently, manage complex compliance activities, and meet deadlines with minimal supervision.
  • Strong analytical, organizational, and problem-solving skills with exceptional attention to detail.
  • Excellent written and verbal communication skills, including the ability to communicate effectively with technical staff, management, and auditors.
  • Strong proficiency with Microsoft Office and collaboration tools (Word, Excel, PowerPoint, Visio, Outlook, Teams, SharePoint, Power BI).
  • Ability to manage multiple priorities in a dynamic regulatory environment.
  • Willingness to accept accountability for compliance outcomes and continuous improvement.
  • Applicants must be authorized to work in the United States for any employer. ITC does not sponsor employment visas, such as H-1B or TN visas.

Nice To Haves

  • Professional certifications related to Cybersecurity, IT Audit, Information Security, Networking, Firewall configuration (e.g., CISSP, CISM, CISA, CRISC, CCNA, CCNP, CCIE or equivalent).
  • NERC CIP experience supporting High and/or Medium Impact BES Cyber Systems.
  • Demonstrated experience supporting NERC audits, spot checks, self-certifications, or mitigation plans, including direct interaction with auditors or Regional Entities.
  • Working knowledge of cybersecurity/audit frameworks (e.g., NIST Cybersecurity Framework, NIST SP 800-series, COBIT) as applied to CIP compliance.
  • Experience collaborating with IT, Cybersecurity, Operations, Engineering, and Physical Security teams in a regulated utility environment.
  • Familiarity with evidence management tools, GRC platforms, or document management systems.
  • Experience interpreting and applying NERC Reliability Standards, Rules of Procedure, and CMEP guidance.
  • Utility, transmission, generation, or ISO/RTO industry experience strongly preferred.
  • Experience with Power BI or other data manipulation tools.

Responsibilities

  • Learns, interprets, and applies NERC CIP Reliability Standards (with training and support) and translates requirements into clear, actionable guidance for technical and operational teams.
  • Partners with IT, Cybersecurity, Operations, Engineering, and Physical Security to design, document, and sustain internal controls that meet regulatory and audit expectations.
  • Leads and performs compliance and control documentation reviews, including evidence validation, gap assessments, and evaluations of control effectiveness.
  • Maintains and improves compliance processes (e.g., procedures, checklists, workflows, and templates) to drive consistency, traceability, and audit readiness.
  • Plans and executes spot checks, self-certifications, and pre-audit activities; identifies risks, tracks mitigation actions, and validates corrective actions through closure.
  • Supports and/or leads responses to compliance monitoring activities (e.g., audits, spot checks, data requests), including coordinating responses, reviewing narratives, and assembling complete evidence packages.
  • Monitors regulatory developments (FERC, NERC, and Regional Entities), assesses applicability, and communicates potential impacts, risks, and required actions to stakeholders.
  • Develops and delivers training, job aids, and communications that improve awareness of compliance obligations and stakeholder responsibilities.
  • Maintains and enhances compliance repositories (e.g., SharePoint).
  • Mentors and provides guidance to junior analysts to support team development and consistent application of compliance practices.
  • Contributes to continuous improvement initiatives by identifying process gaps, recommending solutions, and helping implement measurable enhancements.
  • Performs other duties as assigned in support of the reliability compliance program.