NERC CIP Senior Security Analyst

At National Grid, we keep people connected and society moving. But it's so much more than that. National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don't plan on leaving any of our customers in the dark. So, join us as a NERC CIP Senior Security Analyst, and find your superpower. We need you!

We want to find an innovative, adaptable, and results-oriented NERC CIP Senior Security Analyst for our Security group. This position can be located in Brooklyn, NY, Waltham, MA, Syracuse, NY or Hicksville, NY. If you yearn to be innovative, contribute new ideas, and play a critical part in our US Critical National Infrastructure organization, we want to hear from you!

As NERC CIP Senior Security Analyst, you'll be responsible for the comprehensive oversight and execution of all applicable NERC Critical Infrastructure Protection (CIP) standards for an assigned operational scope. Acting as the primary compliance owner for this subset of the program, you'll ensure that regulatory requirements are fully integrated into security, operational, and lifecycle processes to maintain the confidentiality, integrity, and availability of Bulk Electric System (BES) Cyber Systems.

You'll be responsible for interpreting NERC CIP requirements, translating regulatory obligations into sustainable controls, and coordinating cross functional implementation with Cyber Security, IT, Operations, Engineering, Legal, and Compliance stakeholders. You'll maintain accountability for program design, documentation, and ongoing effectiveness across the assigned scope, proactively identifying compliance risks, driving mitigation strategies, and ensuring consistent application of standards throughout the system lifecycle.

You'll also monitor regulatory developments, industry guidance, and enforcement trends, assessing applicability and leading required updates to processes and controls. Through continuous engagement, advisory support, and risk informed decision making, you'll ensure the assigned portion of the NERC CIP program remains resilient, defensible, and aligned with organizational reliability and security objectives.

• Assist in the day-to-day administration of the NERC CIP Compliance Program
• Support the development, maintenance, and execution of policies, procedures, and controls aligned with CIP requirements
• Track compliance tasks and help ensure timely completion of deliverables
• Participate in internal and external audits and spot checks
• Gather, organize, and maintain evidence to demonstrate compliance with CIP standards
• Assist in risk assessments, gap analyses, and remediation planning
• Help identify and escalate compliance issues and support mitigation activities
• Work closely with IT, Cybersecurity, OT Cybersecurity, physical security and other teams to support compliance related activities
• Support the delivery of CIP compliance and security awareness training programs
• Help ensure employees understand NERC CIP obligations and responsibilities
• Provide user support for compliance related processes
• Maintain detailed records of compliance activities and evidence in accordance with retention requirements
• Ensure documentation is accurate, consistent, and audit ready

• Minimum 3+ years of experience working with NERC CIP compliance
• Bachelor's degree in Cybersecurity, Information Technology, Information Systems, Engineering, or a related discipline, or equivalent utility industry experience
• Demonstrated hands on experience working directly in a NERC CIP compliance role within a registered NERC entity
• In-depth working knowledge of NERC CIP Standards (CIP002 through CIP014) and their application in electric and/or gas utility environments
• Proven experience administering and supporting a NERC CIP Compliance Program
• Technical knowledge of network infrastructure, Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Operational Technology (OT), and Intrusion Detection Systems (IDS)
• Knowledge of IT, OT, cybersecurity, and physical security controls and their intersection with CIP requirements
• Experience conducting or supporting CIP risk assessments, gap analyses, and remediation planning
• Experience supporting internal audits, spot checks, self-certifications, and external NERC or Regional Entity audits
• Ability to independently manage compliance deliverables and meet regulatory timelines
• Strong written and verbal communication skills, including drafting policies, procedures, and audit responses
• Ability to maintain accurate, consistent, and audit ready documentation in accordance with retention requirements
• High level of discretion when handling sensitive or confidential compliance and security information
• Familiarity with NIST Cybersecurity Framework, NIST 80053, or NIST 80082 in utility environments

Are you the right fit for this exciting role? You want to learn more about the position and National Grid's ambitious Digital Transformation? Then let's chat!

Rewarding work and a collaborative, team-oriented culture are just the beginning. Review our digital benefit guide at ngbenefitslivebrighter.com for full details and descriptions.

Our organization follows a hybrid work structure in our service territory (NY & MA and adjacent states) where employees can work remotely or from the office, as needed. Working from the office is encouraged when working on tasks that require a high degree of collaboration. We work with our employees to foster a flexible work schedule.