Cogentrix is a leading independent power producer with a long track record of successfully acquiring, developing, constructing, operating, improving and divesting power generation assets. Cogentrix is owned by funds managed by The Carlyle Group, one of the world’s largest alternative asset management firms, and serves as Carlyle’s in-house power asset management platform. Cogentrix has been directly involved in the development, ownership, operations and management of coal-fired, natural gas-fired, and solar power assets delivering a combined generating capacity in excess of 10 GW. Through the ownership and operation of these plants, Cogentrix has participated in most of the major power regions in the U.S. Cogentrix currently manages plants in the Carlyle portfolio, which has a total net generation of approximately 5,800 MW.
The NERC CIP Site Manager, based out of Charlotte, NC, will support Cogentrix plants and Cogentrix Field Services’ customers’ plants with NERC CIP program development and implementation. This position will require periodic travel to those facilities.
The position is responsible for managing and implementing the execution of the NERC CIP Program at the site. In this role, the Program Manager ensures the facility remains in compliance with NERC CIP reliability standards and documents CIP-related activities for evidentiary purposes. The individual in this position will have a cybersecurity technical background and technical working knowledge of plant distributive control systems and protective relay functions. The Program Manager also manages and monitors the implementation of risk-based compliance solutions required to meet all NERC CIP requirements.
MAJOR DUTIES AND RESPONSIBILITIES:
- Serve as site subject matter expert on NERC CIP program activities.
- Responsible for tracking, executing, and maintaining high-quality compliance evidence for site-specific NERC CIP program activities with the focus on being “audit-ready.”
- Under the direction of the corporate NERC compliance department, provide support to investigate, develop and/or complete self-certifications, data submittals, spot checks, investigations (both internal and external), self-reports and mitigation plans.
- Execute all NERC CIP required activities as defined in the standards that apply to the Cogentrix CIP-Medium and Low BES cyber systems and assets.
- Execute, control, and proactively manage project schedules, including risk identification, risk mitigation, and Change Management as it pertains to NERC CIP program execution activities.
- Perform and track required updates / patches to software, equipment, and documentation.
- Collect and analyze data to detect deficient site controls and prevent noncompliance with NERC CIP requirements.
- Execute oversight of processes and activities to evaluate NERC Compliance.
- Monitoring of the site NERC CIP compliance program.
- Participate in compliance program audits. Review records and recordkeeping practices of compliance enforcement activities to document findings and observations that will be used to create detailed audit reports communicating the results of audits, including areas of strengths, areas for improvement, and observations to support company-wide consistency.
- Identify, develop, and effectively deliver training.
- Assist in the ongoing development and improvement of NERC CIP compliance monitoring and enforcement program policies, procedures, rules, and other activities.
- Interface with NERC CIP committees, subcommittees, working groups, and industry stakeholder groups as necessary.
- Coordinate and collaborate with the Corporate IT Department, Engineering, and NERC compliance on NERC CIP-program related planning and activities.
- Report on project status, risks, and achievement of key milestones.
- Other duties as required.
- Bachelor or Associate’s Degree is preferred in engineering or information technology or the equivalent in training and experience.
- Experience with NERC CIP / cyber security auditing, compliance, and/or engineering.
- Experience with North American Electric Reliability Corporation (NERC), Federal Energy Regulatory Commission (FERC) regulations, PJM and ISO-NE rules.
- Knowledge of NERC CIP Compliance, NERC Compliance Monitoring and Enforcement Program, and NERC Rules of Procedure.
- Experience with plant instrumentation, automation, and controls, specifically related to High Voltage systems, is highly desirable.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other information security credentials are desirable.
- auditing, utility, regulatory, compliance, and/or engineering/plant control systems: 5 years (Preferred)
- Exceptional project management skills, including ability to properly plan and prioritize multiple program activities on an ongoing basis.
- Excellent interpersonal and communications skills.
- Advanced knowledge and application of professional auditing standards and principles.
- Ability to communicate ideas and recommendations orally and in writing.
- Advanced critical thinking and problem-solving skills.
- Ability to efficiently define and execute strategies to perform required program activities.
- Ability to meet highest attendance requirements
- Possession of a valid motor vehicle operator’s license.
- Complies with all Cogentrix policies and procedures.
- Travel requirements of approximately 30%.
- Capable of frequently standing; walking; balancing; sitting; climbing (ladders, stairs, ramps, catwalks, stacks and the like as required); stooping; squatting; crouching; crawling; and kneeling as needed.
- This position may be required occasionally to move or lift equipment that is 50 pounds.
- Must be physically capable of performing demanding work at various heights and in adverse conditions during operations, shutdowns, and in fire/emergency situations.
Job Type: Full-time
Qualified candidates should send Resume by email to email@example.com. Please note the Position in the Subject line of your email