Brief Position Description
We seek an experienced, action-oriented IT NERC CIP Compliance
Program Manager. This role is critical to IT / Security risk management, and compliance with regulatory requirements including, specifically, North American Electric Reliability Corporation
Critical Infrastructure Protection (NERC CIP) Reliability Standards. Leading, architecting, and operationalizing risk and compliance services and solutions, you will be instrumental in driving the maturity and success of our program.
Our mission is to reduce risks to the reliability and security of the electric grid. Our priorities are to succeed as One Team and deliver the commercially relevant outcomes essential to our customers and to the communities we serve. We value integrity, teamwork, and diverse perspectives. By joining our team, you can advance your career, influence compliance performance, and directly contribute to our shared success.
NERC CIP Risk & Compliance
Lead projects to plan, build, operationalize, and sustain compliance with NERC CIP standards (CIP-002 thru CIP-014).
Lead, supervise and execute critical, operational compliance services.
Manage regulatory change, including for new NERC standards for critical infrastructure protection.
Partner with technical and business control owners on the design and operation of CIP controls.
Act as a subject-matter-expert and deliver outstanding service to our customers for all matters related to compliance.
Support purpose-driven, effective engagements with our Regulators (NERC/SERC).
Plan, lead and execute IT security risk, controls & compliance assurance and advisory engagements across security domains.
Test processes and controls, identify control deficiencies, communicate findings, and recommend remediation plans.
Ensure timely delivery of the highest quality work and value-add recommendations.
Review evidence, document work-papers, communicate outcomes, and report results.
Influence leaders to act on recommendations, make process improvements, and strengthen the control environment.
Craft key messages for Management and governance bodies, including engagement objectives, status and results.
Provide effective assurance and advisory outcomes to Technology & Security leadership, and key stakeholders.
NERC CIP Governance & Performance
Lead development, implementation and maintenance of strong governance, risk & compliance processes.
Design, implement, and operationalize NERC CIP compliance requirements
Monitor regulations, and partner with stakeholders to manage regulatory changes to the IT CIP program.
Partner with 2nd and 3rd stakeholders to deliver effective services, and to support assessments and audits.
Participate in Corrective Action Program (CAP); evaluate conditions adverse to quality, safety, risk, security and compliance.
Govern and report on findings, set priorities, track status, and ensure corrective actions are complete and sustainable.
Challenge established processes and controls to ensure they are adequate and effective to mitigate risk.
Support operational reporting, management communications, and executive governance committees.
Support and/or lead continuous improvement initiatives to deliver on operational and strategic goals
Sustain purpose-driven engagement and effective interaction with Auditors, Regulators, and compliance partners.
Lead and deliver the Information Security polices, standards and procedures service.
Deliver timely and effective IT security, risk & controls 'triage' services to meet unplanned, urgent workload demands.
Drive process excellence, maturity, and act on results to develop new solutions that mitigate risks.
IT program Manager:
IT Program manager, Sr:
Direct expertise and capabilities relevant for the position. Required:
Hands-on design, implementation, and operation of NERC CIP compliance requirements.
Project management, implementation, and operationalization of NERC CIP requirements.
Practical knowledge of NERC Rules of Procedure, Compliance Monitoring & Enforcement Program, and Reliability Standards.
Leadership and delivery of high-quality policies and procedures to support effective regulatory compliance.
IT / Security controls (e.g. architecture, engineering, cyber security, infrastructure, applications, and projects).
Practical capabilities in the operation or planning of the Bulk Electric System and supporting technologies.
Management of budgets & financial reporting, and management of direct, indirect, and outsourced resources.
Effective engagement with Auditors, and Regulators (i.e. NERC, SERC, FERC, NRC).
Advanced-level communication, presentation, and relationship management skills.
skills and Behaviors
Drive multiple complex projects, achieve key milestones, with ability to reprioritize work in a fast-paced environment.
Sustain effective engagement with IT, Security, and Compliance business partners, and with Auditors, and Regulators.
Must take ownership, demonstrate a sense of urgency, and ensure accuracy and quality.
Must manage ambiguity, perform in a fast-paced environment, and resolve urgent and competing demands.
Must support planned & unplanned workload demands, with the measured courage to say "no," to focus on key priorities.
Perform other duties and responsibilities, as assigned.
Must be willing and able to work flexible hours and go above-&-beyond to deliver outcomes.
Bachelor's degree or four years of equivalent experience required.
Advanced degree preferred.
any Certificates, Licenses etc., required for the position
Must demonstrate commitment to professional development.
Primary Location: Texas-The Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: Level II
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1
Req ID: 96484
Travel Percentage:Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the full statement.
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
Job Segment: Program Manager, Compliance, Engineer, Law, Risk Management, Management, Legal, Engineering, Finance