Burns & McDonnell Governance & Cybersecurity Compliance Specialist - Cyber Security (Multiple Locations) in Chicago, Illinois
Burns & McDonnell assists electric power industry clients by providing comprehensive cyber security compliance program solutions. We are looking for governance & cybersecurity compliance consultants, with an emphasis on critical infrastructure regulatory standards and framework, that are forward thinking in our field, enjoy helping others succeed, and will be responsible for the design and implementation of compliance programs that provide protection of people, information, facilities, and other critical assets for our clients.
The position of Governance & Cybersecurity Compliance Specialist will have the responsibility for contributing to the strategy development, implementation, administration, and operation of governance strategies, cybersecurity frameworks, and perspective compliance programs at perspective client sites with a focus on regulatory and cybersecurity standards. This position will be an experienced industry professional in cybersecurity best practices, control systems, and NIST, ISA/IEC, NERC standard compliance controls including the self-auditing of regulatory standards.This position will be responsible for reinforcing all levels of system security/compliance program support by designing and enhancing ongoing compliance programs for perspective clients consistent with industry best practices to ensure compliance with governance & cybersecurity standards.
Develop, coordinate, and implement Bulk Electric System compliance programs (including policies, procedures, and documentation) to comply with the applicable mandatory and enforceable governance & cybersecurity Standards.
Coordinate reliability activities by participating in FERC, NERC or other Regional Entity regulatory forums; coordinating, evaluating and reviewing regulatory documents impacting client's assets and reliability activities; analyzing client's position, filings, and other documents; weighing the impact of certain actions by client; Preparing correspondence, opinions and presentations outlining client's position within area of responsibility.
Provide staff training on regulatory requirements, cybersecurity best practices and operational impacts of those requirements.
Participate comprehensive on-site and off-site audits of Registered Entities in compliance with industry compliance standards, with an emphasis on previous auditing experience.
Advise clients on best practices in managing compliance monitoring and enforcement activities relevant to the critical infrastructure sector
Evaluate client internal controls and processes to determine effectiveness and efficiency with respect to managing risk and compliance
Participate in investigations into potential violations and make determinations of alleged violations of regulatory standards.
Coordinate projects related to compliance activities ensuring that the scope, budget, schedule, and quality, etc. meets the client's needs.
Coordinate with client departments, staff, and members to achieve goals and provide direction on compliance activities while promoting a culture of compliance and security
Review energy market regulatory/security/compliance publications to keep apprised of new developments.
Travel to various client facilities as needed to review processes, records, participate in audits, consult with staff, etc.
Maintain job knowledge to ensure expertise on critical infrastructure sector standards and requirements
Develop and maintain effective relationships with existing and potential clients, customers, and contractors in order to develop business.
Ensure compliance with company and site safety policies.
All other duties as assigned.
Bachelor’s degree from an accredited curriculum in engineering, cyber security, computer science or related field – cyber security degree preferred but is not required.
Minimum of 3 years related experience in the electric industry in the areas of cyber security, regulatory compliance, power plant operations, transmission operations, asset management, or risk management. Additional applicable years of experience may be considered in lieu of degree requirement.
Must have ability to deal effectively with a wide variety of industry, government, and public contracts on project-related matters.
Demonstrated knowledge and understanding of industry standards with an emphasis on cybersecurity standards.
Demonstrated knowledge and understanding of core cyber security principles and best practices
Proven understanding of power utility operations. Experience with either transmission facilities or power generation plant operations preferable.
Knowledge and experience in risk management and internal controls preferred.
Ability to read, analyze and interpret common engineering and technical journals, financial reports, and legal documents.
Proven knowledge of Microsoft SharePoint, Excel, Word, PowerPoint, Visio, and Project software and working knowledge of power plant control systems, SCADA systems.
Excellent written and verbal communication skills for presenting both technical and non-technical information are required.
Ability to effectively prioritize tasks in a fast-paced and high-pressure environment.
Proven self-starter with the ability to work effectively in a team environment as well as individually on complex work assignments
Experience with corporate policies and procedures and/or technical writing skills.
Strong analytical and problem-solving skills.
High attention to detail.
Travel for site work is estimated to average 25-50% yearly.
Job Electrical Engineering
Primary Location US-MO-Saint Louis
Other Locations US-MO-Kansas City, US-AZ-Phoenix, CA-AB-Calgary, US-TX-Houston, US-FL-Orlando, US-CA-Brea, US-TX-Austin, US-NY-Manhattan, US-GA-Atlanta, US-TX-Dallas, US-IL-Chicago
Travel: Yes, 50 % of the Time
Req ID: 212632
#LI-JN #T&D N/A