Be a Part of Something that Matters

At WECC, we affect the lives of 80 million people by influencing risk monitoring and mitigation to the power system in the West. The grid is changing quickly as environmental regulations, economics, technology, and customer demands push the power industry to higher limits. Help us continue our important work by joining our team as a Mitigation Engineer, CIP.

In this role, you will serve as a subject matter expert regarding the NERC Critical Infrastructure Protection (CIP) standards to registered entities and peers within the ERO Enterprise. You may deliver presentations at workshops, webinars, and conferences regarding CIP standards to transmission facilities, generation facilities, and control center operations.

A remote-work option may be considered on a case-by-case basis for candidates outside of the Salt Lake City area. 

You will—

• Apply technical knowledge to evaluate the facts and circumstances for noncompliance to determine the extent of the condition.
• Assess the noncompliance to determine the extent of condition and the risk it presented to the reliability and security of the bulk power system (BPS).
• Perform comprehensive root cause analysis.
• Develop mitigation plans with registered entities that address the remediation of the noncompliance and the root cause.
• Review and validate the completion of mitigating activities or mitigation plans submitted by registered entities.
• Support intra-departmental initiatives at WECC.
• Perform other duties related to the NERC Compliance Monitoring and Enforcement Program (CMEP).

You will enjoy this role if—

• You hold a bachelor’s degree in engineering or a related field, or have an equivalent combination of education and related industry experience resulting in a demonstrated ability to perform major duties.
• You have one or more years of relevant industry experience in at least two of the following areas:
  • In-depth understanding of cybersecurity and the concept of defense, such as intrusion detection and intrusion prevention;
  • Understanding of devices associated with Supervisory Control and Data Acquisition (SCADA) and other Industrial Control System devices such as relays, RTUs, HMIs, PCs;
  • Understanding of physical security systems and concepts for physical hardening of critical sites;
  • General knowledge of the OSI model, networks, and devices such as servers, switches, firewalls;
  • Understanding of communications technologies, including internet, private networks, virtual networks, and others used in the utility or related industry.
• You possess a basic technical knowledge of factors involved in cybersecurity, IT audit, and/or IT risk management related to the BPS.
• You can carry out a wide range of complex analyses, reports, and investigations concerning cybersecurity and physical security of the BPS.
• You enjoy presenting research, findings, and recommendations, both orally and in writing, to a diverse audience of technical and non-technical professionals.
• You can give clear, comprehensive, but concise reports and present findings and recommendations to a diverse audience of professionals.
• You understand:
  • NERC CIP standards and monitoring or implementation of these standards;
  • The business and operational functions of an electric utility (generation, transmission, and power system reliability) and familiarity with the risks and controls of these functions; and
• You possess industry certifications such as CRISC, CISA, CISSP, CISM, CRISC or related professional information systems certifications. Willingness to achieve industry certifications.

At WECC we—

• Seek information and ask for help,
• Are accountable,
• Embrace the challenges and rewards of change,
• Treat everyone as a colleague,
• Pursue continuous learning,
• Focus on results over completing activities.

Benefits

WECC offers an excellent benefits package, including medical, dental, vision, life insurance, short-term and long-term disability, a 401(k) plan, and paid personal time.

***

Be a part of something that matters!