Principal, NERC Cybersecurity Compliance (CIP)

Glocomms is partnered with a major Electric Power Generation company, seeking a seasoned Principal to lead and enhance its NERC CIP cybersecurity compliance program across its clean energy portfolio, including power generation, energy storage, and SCADA-integrated assets. This role is pivotal in ensuring the organization's adherence to NERC CIP standards and driving compliance fitness in a fast-paced, highly regulated utility environment. The ideal candidate will bring deep expertise in OT/IT cybersecurity, regulatory compliance, and advanced technology, with a strong focus on internal controls and performance demonstration for Medium and High Impact BES Cyber Systems.

Key Responsibilities:

• Lead the development, implementation, and continuous improvement of Invenergy's NERC CIP compliance program.
• Ensure alignment with NERC reliability standards and CIP policies across operational and information technology domains.
• Advocate for internal standards and policy enhancements to support compliance and cybersecurity resilience.
• Oversee compliance performance demonstrations for Medium and High Impact BES Cyber Systems.
• Collaborate with cross-functional teams including engineering, operations, and legal to maintain compliance posture.
• Conduct vulnerability assessments, firewall reviews, and SCADA system evaluations to ensure cybersecurity integrity.
• Develop and deliver training programs to promote awareness and understanding of NERC CIP requirements.
• Monitor regulatory developments and participate in industry forums to influence policy and rulemaking.
• Utilize tools such as MS SharePoint and KPI applications to track, report, and analyze compliance metrics.
• Support audits, self-certifications, and mitigation plans with thorough documentation and evidence gathering.
• Benchmark against industry best practices to identify gaps and opportunities for improvement.

Requirements:

• Bachelor's Degree in IT, Computer Science, Cybersecurity, Engineering, or related field.
• Preferred certifications: CISSP, CISM, CISA.
• 10+ years of experience in IT/OT cybersecurity, preferably within the utility or energy sector.
• 5+ years of hands-on experience implementing and managing NERC CIP compliance programs.
• Proven track record in regulatory compliance, internal controls, and policy advocacy.
• Strong understanding of SCADA systems, networking, firewall technologies, and vulnerability scanning.
• Excellent critical thinking, problem-solving, and facilitation skills.
• Effective written and verbal communication, including presentation and training delivery.
• Ability to handle confidential information with discretion.
• Comfortable working in a dynamic, fast-paced environment.

This role is fully onsite in Chicago, IL. Sponsorship is not available now or in the future. If you are interested, please apply in!