Exelon Lead Analyst IT - NERC CIP Compliance in PHILADELPHIA, Pennsylvania
This role serves in a Lead Analyst capacity providing oversight, direction and technical reviews adhering to North American Electric Reliability Corporation (NERC) Standards supporting Configuration Management, Change Management, and Patch Management.
PRIMARY PURPOSE OF POSITION
In this position the Lead Analyst serves as the primary contact in supporting North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements and deliverables. The core responsibilities focus on Change Management practices, adherence to Configuration Management execution and Security Patch discovery support.
The IT Lead Analyst manages daily Change Management and Configuration reviews supporting Business Unit Support IT areas in successfully maintaining compliance requirements. This role requires understanding of Change, Configuration and Patch Management best practices with technical experience with servers, network infrastructure and scripting solutions.
This position will be responsible for performing change management review of business unit changes, validation of evidence for compliance, perform security patch discovery and project support. Other responsibilities include understanding of general business functions including Corrective Action programs, regulatory requirements (NERC CIP, SOX), provide support to other business groups and the IT Compliance Central organization as needed.
This role will report directly to the Compliance Operations Configuration IT Manager and may require limited travel to other Exelon locations.
PRIMARY DUTIES AND ACCOUNTABILITIES
Provide daily review of IT SCADA system changes ensure compliance requirements for change management are maintained with appropriate evidence validation.
Accountability as the Subject Matter Expert (SME) for NERC CIP Change requirements, reviewing and ensuring change and configuration guides are accurate, align to modifications and Exelon standards are enforced.
Develop and maintain knowledge of NERC CIP standards and Exelon Management Model program supporting Change and Configuration Management.
Provide technical support for regulatory and internal audits. Will be accountable for providing evidence, response to audit inquires and support to IT Compliance Central Organization.
Manage multiple concurrent assignments with varying deliverables and dates.
Support NERC CIP Compliance projects with analysis, design, build and test solutions in accordance NERC standards.
Active participant in annual Cyber Security Incident response exercises supporting IT Compliance Operations
Assist and mentor individuals to build NERC CIP Compliance understanding and awareness
Actively build Information Technology, Business and Industry relationships gaining broader knowledge to support innovative solutions with NERC CIP.
- Participate in Business Area Storm support as assigned
The role of the Compliance Operations IT Lead Analyst is to support various business unit technical teams with successfully maintaining IT NERC CIP compliance standards for Change, Configuration and Patch management. A successful candidate will be required to work independently and demonstrate compliance awareness with sound project management skills. This position requires maintaining a thorough knowledge of NERC CIP standards, Exelon compliance requirements and executing to industry best practices. Continued self-improvement will include maintaining compliance awareness through seminars, presentation and publications, enhancing the IT NERC CIP Compliance Organization by promoting technological innovations to drive improved process enabling consistent repeatable processes and executing to NERC CIP Standards as an industry leader.
Bachelor’s degree in Computer Science or related discipline and 5 to 8 years’ experience in NERC Compliance, Cyber Security, Information Technology or equivalent combination of education and work experience.
Broad technical expertise with deep technical knowledge in at least one area of IT platforms such as Cisco Networking, Windows, Unix/Linux or Security solutions.
Understanding of Change and Configuration Management principles.
Patch Management practices associated with new technology implementations.
Basic understanding of NERC CIP Standards, FERC Regulations and Internal Controls
Sound communications skills: Ability to effectively communicate highly technical information in non-technical terminology (written and verbal) and effective interpersonal skills.
Ability to work independently and across geographic dispersed team and support groups.
Demonstrated leadership ability
Understanding of project management principles
Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
VEVRAA Federal Contractor
EEO is the Law Poster
Job Information Technology - Staff
Organization: BSC Information Technology
Title: Lead Analyst IT - NERC CIP Compliance
Other Locations: US-MD-BALTIMORE, US-PA-PHILADELPHIA, US-IL-OAKBROOK TERRACE
Requisition ID: 210385