Critical Infrastructure Protection (CIP) Analyst

The basic function of CIP analyst is to support the NERC compliance programs (including policies, procedures, and documentation) by conducting detailed reviews and analysis of CIP compliance evidence, report findings, and maintaining program documents for Certrec Corporation clients. The CIP Analyst will report to their supervisor/manager for day-to-day job functions and will report to a Project Manager when working in support of a large project. It is expected that the CIP Analyst will be responsible for:

• Ensuring that all products are complete and of a high quality.
• Ensuring that projects are delivered on-time, within scope and within budget.
• Maintain of relationships with clients and seek contract opportunities for the company.

DUTIES AND RESPONSIBILITIES

The essential functions of CIP Analyst include, but are not limited to:

• Delivering high-quality CIP compliance services aligned with Certrec standards, regulatory requirements, and client expectations.
• Serving as a CIP subject-matter resource in client interactions, project meetings, and compliance engagements, while supporting strong client relationships and identifying potential service opportunities.
• Managing assigned CIP compliance activities, including audits, self-assessments, gap analyses, Internal Compliance Programs (ICPs), and compliance investigations, and providing recommendations based on regulatory changes or identified risks.
• Developing, reviewing, and maintaining CIP compliance artifacts, including client procedures, training materials, BES Asset Matrices, network diagrams, and supporting evidence.
• Evaluating and documenting client physical security programs, including access controls, detection measures, and mitigation strategies.
• Performing peer reviews of CIP work products and proactively identifying and escalating risks that may impact project quality, schedule, or scope.
• Ensuring project scope is appropriately managed and that any changes receive proper client approval and internal alignment.
• Reporting project status to clients in coordination with the Project Manager and identifying opportunities to improve or streamline compliance processes.
• Supporting and mentoring lower-level CIP analyst and collaborating across departments to meet business needs.
• Creating and maintaining training materials and delivering instruction on Certrec platforms and tools.
• Gathering, reviewing, and organizing client evidence for CIP procedures, self-assessments, data submittals, RSAWs, and related compliance activities.
• Maintaining accurate time reporting and meeting billable utilization expectations.
• Staying current on Certrec products and applicable NERC and Regional Entity CIP Reliability Standards and applying this knowledge to client work.
• Complying with all company policies and procedures.

Skills, Knowledge, and Abilities

• Communication Skills: must have the ability to clearly communicate verbally and in writing in English.
• Multi-tasking: must have the ability to simultaneously perform multiple assignments.
• Interpersonal Skills: ability to interface effectively with different levels of the organization both internally and with clients.
• Computers & Software: basic working knowledge and ability using Microsoft Excel, Outlook, and Word.
• Knowledge: Must have basic knowledge level in Compliance Services, especially in the Utility industries.

Education

• Required: An associate degree or 60 college credit hours or higher.
• Preferred: A bachelor's degree in Electrical Engineering or Computer Engineering.

Experience

• Required: 1-3 years of experience in an equivalent firm or electric utility experience in either an engineering, technical, regulatory, or operational role; or a minimum of 3 years in information technology.

Licensing/Registration/Certification

• Preferred: Certified Information Systems Security Professional (CISSP)

Physical

• Ability to remain in a stationary position for long periods while working at a computer.
• Ability to operate a computer and other standard office equipment.
• Ability to occasionally move about the office as needed, if working on office.

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.