Exelon Lead Analyst IT - NERC CIP Compliance in PHILADELPHIA, Pennsylvania


This role serves in a Lead Analyst capacity providing oversight, direction and technical reviews adhering to North American Electric Reliability Corporation (NERC) Standards supporting Configuration Management, Change Management, and Patch Management.


In this position the Lead Analyst serves as the primary contact in supporting North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements and deliverables. The core responsibilities focus on Change Management practices, adherence to Configuration Management execution and Security Patch discovery support.

The IT Lead Analyst manages daily Change Management and Configuration reviews supporting Business Unit Support IT areas in successfully maintaining compliance requirements. This role requires understanding of Change, Configuration and Patch Management best practices with technical experience with servers, network infrastructure and scripting solutions.

This position will be responsible for performing change management review of business unit changes, validation of evidence for compliance, perform security patch discovery and project support. Other responsibilities include understanding of general business functions including Corrective Action programs, regulatory requirements (NERC CIP, SOX), provide support to other business groups and the IT Compliance Central organization as needed.

This role will report directly to the Compliance Operations Configuration IT Manager and may require limited travel to other Exelon locations.


  • Provide daily review of IT SCADA system changes ensure compliance requirements for change management are maintained with appropriate evidence validation.

  • Accountability as the Subject Matter Expert (SME) for NERC CIP Change requirements, reviewing and ensuring change and configuration guides are accurate, align to modifications and Exelon standards are enforced.

  • Develop and maintain knowledge of NERC CIP standards and Exelon Management Model program supporting Change and Configuration Management.

  • Provide technical support for regulatory and internal audits. Will be accountable for providing evidence, response to audit inquires and support to IT Compliance Central Organization.

  • Manage multiple concurrent assignments with varying deliverables and dates.

  • Support NERC CIP Compliance projects with analysis, design, build and test solutions in accordance NERC standards.

  • Active participant in annual Cyber Security Incident response exercises supporting IT Compliance Operations

  • Assist and mentor individuals to build NERC CIP Compliance understanding and awareness

  • Actively build Information Technology, Business and Industry relationships gaining broader knowledge to support innovative solutions with NERC CIP.

- Participate in Business Area Storm support as assigned


The role of the Compliance Operations IT Lead Analyst is to support various business unit technical teams with successfully maintaining IT NERC CIP compliance standards for Change, Configuration and Patch management. A successful candidate will be required to work independently and demonstrate compliance awareness with sound project management skills. This position requires maintaining a thorough knowledge of NERC CIP standards, Exelon compliance requirements and executing to industry best practices. Continued self-improvement will include maintaining compliance awareness through seminars, presentation and publications, enhancing the IT NERC CIP Compliance Organization by promoting technological innovations to drive improved process enabling consistent repeatable processes and executing to NERC CIP Standards as an industry leader.



  • Bachelor’s degree in Computer Science or related discipline and 5 to 8 years’ experience in NERC Compliance, Cyber Security, Information Technology or equivalent combination of education and work experience.

  • Broad technical expertise with deep technical knowledge in at least one area of IT platforms such as Cisco Networking, Windows, Unix/Linux or Security solutions.

  • Understanding of Change and Configuration Management principles.

  • Patch Management practices associated with new technology implementations.

  • Basic understanding of NERC CIP Standards, FERC Regulations and Internal Controls

  • Sound communications skills: Ability to effectively communicate highly technical information in non-technical terminology (written and verbal) and effective interpersonal skills.

  • Ability to work independently and across geographic dispersed team and support groups.

  • Demonstrated leadership ability

  • Understanding of project management principles

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor

EEO is the Law Poster

Job Information Technology - Staff

Organization: BSC Information Technology

Title: Lead Analyst IT - NERC CIP Compliance

Location: IL-CHICAGO


Requisition ID: 210385