Lead Analyst IT - NERC CIP Compliance

Philadelphia, Pennsylvania
25 Sep 2016
24 Oct 2016
Oil and Gas
Contract Type
Full Time
At Exelon, we've got a place for you!

Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce.

Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits.

Join Exelon and share your passion at a forward-thinking Fortune 150 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon!

The Critical Infrastructure Protection (CIP) Lead Analyst is responsible for ensuring the regional entity's adherence to the North American Electric Reliability Corporation (NERC) CIP Rules of Procedure, Compliance Monitoring and Enforcement Program, specifically as it pertains to the CIP security standards. CIP Standards provide cyber security framework for protection of computer systems supporting reliable operation of Bulk Electric System. The CIP Lead Analyst will evaluate the adherence to process, procedures and evidence produced. This position reports to the manager of CIP Operations. CIP Operations is a central Exelon organization which promotes collaboration, shared learning, and the identification of best practices in support of the Exelon NERC CIP program. The position will interface with stakeholders supporting NERC CIP program across Exelon, including various IT organizations, transmission and generation business organizations and associated compliance teams and legal. Limited travel to other Exelon locations may be required.


The Lead Analyst IT NERC CIP is responsible for the execution of NERC CIP related activities across the NERC CIP Compliance Operations team. This position reports to the NERC CIP Manager. This position works with: NERC CIP Project Managers / Initiative Managers, Standard Owners, Operational Compliance Owners and Business Unit Compliance Contacts (BUCCs) across all Exelon business areas.

- Provide overall support to the NERC CIP Compliance Operations activities as needed.

- Identify and promote continuous improvement opportunities related to NERC CIP processes and procedures

- Support development and tracking of Self Reports and Mitigation Plans, coordinating with Transmission Strategy & Compliance (TS&C), BUCC's, Standard Owners, Legal, registered entity(ies) and other team members.

- Understand proposed/new industry regulations or other changes that may impact the Exelon NERC CIP program


- Working knowledge of Linux, Unix and Windows Administration.

- Drive innovation by Automating manual tasks and optimizing service delivery

- Participate in regional entity CIP compliance program spot audits/audits • Review records and recordkeeping practices of regional entities' compliance CIP enforcement activities. Perform sufficiency review for evidence of compliance

- Prepare detailed audit reports communicating the results of CIP audits, including areas of strengths and areas for improvement. Write Technical & Reference Materials (T&RM) documenting internal processes

- Develop and implement oversight program to evaluate the regional entity's adherence to the NERC Rules of Procedure, Compliance Monitoring and Enforcement Program, and delegation agreements. Develop detailed material, information and tools to improve consistency in CIP auditing and compliance monitoring.

- Provide CIP support to Compliance Violation Investigations and the Exelon Corrective Action Program

- Assist in the ongoing development and improvement of NERC compliance monitoring and enforcement program policies, procedures, rules. Develop KPI for CIP Compliance monthly reporting

- Support operational compliance by performing QA for access control, System Access Controls, Information Protection, Recovery Plans, and Disconnected System Management.



- Bachelor's degree in Computer Science or related discipline and typically 3 to 5 years relevant experience or equivalent combination of education and work experience.

- Strong knowledge of NERC CIP Reliability Standards and Requirements

- Familiarity with Access Controls, Information Protection, Recovery Plans.

- Support travel to the various Exelon areas involved in the CIP program

- Solid leadership skills

- Excellent communications skills (written and verbal)

- Strong problem solving and analysis ability.

- Strategic planning and stakeholder engagement skills

- Understanding of working in matrix team situations

- Ability to work with remote project teams

- Audit or enforcement experience
- Strong understanding of the bulk power system

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor

EEO is the Law Poster