Reliability Assurance Analyst, Senior (CIP)

ITC Holdings•Novi, MI

About The Position

This position provides subject matter expertise and independent oversight for a cybersecurity and reliability compliance program aligned to the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards. The role leads risk-informed compliance activities, maintains and enhances internal controls, supports audit readiness, and partners with IT, Operations, Security, and Engineering to implement sustainable processes. Candidates with relevant experience in cybersecurity, GRC, IT audit, network/IT security operations are encouraged to apply; prior NERC CIP experience is not required on day one and will be supported through onboarding, training, and mentorship. At ITC, the company is building a greater grid ready for today’s technology and tomorrow’s possibilities, fueling innovation and strengthening the grid every day for a more reliable and affordable energy future.

Requirements

Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Computer Engineering, Information Assurance, or a related field, or an equivalent combination of education and relevant experience.
Minimum of five (5) years’ experience in an IT related function.
Strong foundational knowledge of cybersecurity concepts (e.g., networking, firewalls, IDS/IPS, VMs, identity and access management, patch and change management) and the ability to learn and apply regulatory requirements (including NERC CIP) with training and support.
Experience creating, maintaining, or validating policies/procedures, control documentation, and audit-ready evidence (e.g., for security, IT controls, or compliance programs).
Demonstrated ability to work independently, manage complex compliance activities, and meet deadlines with minimal supervision.
Strong analytical, organizational, and problem-solving skills with exceptional attention to detail.
Excellent written and verbal communication skills, including the ability to communicate effectively with technical staff, management, and auditors.
Strong proficiency with Microsoft Office and collaboration tools (Word, Excel, PowerPoint, Visio, Outlook, Teams, SharePoint, Power BI).
Ability to manage multiple priorities in a dynamic regulatory environment.
Willingness to accept accountability for compliance outcomes and continuous improvement.
Applicants must be authorized to work in the United States for any employer. ITC does not sponsor employment visas, such as H-1B or TN visas.

Nice To Haves

Professional certifications related to Cybersecurity, IT Audit, Information Security, Networking, Firewall configuration (e.g., CISSP, CISM, CISA, CRISC, CCNA, CCNP, CCIE or equivalent).
NERC CIP experience supporting High and/or Medium Impact BES Cyber Systems.
Demonstrated experience supporting NERC audits, spot checks, self-certifications, or mitigation plans, including direct interaction with auditors or Regional Entities.
Working knowledge of cybersecurity/audit frameworks (e.g., NIST Cybersecurity Framework, NIST SP 800-series, COBIT) as applied to CIP compliance.
Experience collaborating with IT, Cybersecurity, Operations, Engineering, and Physical Security teams in a regulated utility environment.
Familiarity with evidence management tools, GRC platforms, or document management systems.
Experience interpreting and applying NERC Reliability Standards, Rules of Procedure, and CMEP guidance.
Utility, transmission, generation, or ISO/RTO industry experience strongly preferred.
Experience with Power BI or other data manipulation tools.

Responsibilities

Learns, interprets, and applies NERC CIP Reliability Standards (with training and support) and translates requirements into clear, actionable guidance for technical and operational teams.
Partners with IT, Cybersecurity, Operations, Engineering, and Physical Security to design, document, and sustain internal controls that meet regulatory and audit expectations.
Leads and performs compliance and control documentation reviews, including evidence validation, gap assessments, and evaluations of control effectiveness.
Maintains and improves compliance processes (e.g., procedures, checklists, workflows, and templates) to drive consistency, traceability, and audit readiness.
Plans and executes spot checks, self-certifications, and pre-audit activities; identifies risks, tracks mitigation actions, and validates corrective actions through closure.
Supports and/or leads responses to compliance monitoring activities (e.g., audits, spot checks, data requests), including coordinating responses, reviewing narratives, and assembling complete evidence packages.
Monitors regulatory developments (FERC, NERC, and Regional Entities), assesses applicability, and communicates potential impacts, risks, and required actions to stakeholders.
Develops and delivers training, job aids, and communications that improve awareness of compliance obligations and stakeholder responsibilities.
Maintains and enhances compliance repositories (e.g., SharePoint).
Mentors and provides guidance to junior analysts to support team development and consistent application of compliance practices.
Contributes to continuous improvement initiatives by identifying process gaps, recommending solutions, and helping implement measurable enhancements.
Performs other duties as assigned in support of the reliability compliance program.