Governance, Risk, and Compliance (GRC)-Manager at Hired by Matrix
Fishkill, NY
About the Job
At-a-Glance:
Are you ready to build your career by joining a Utilities Solutions Company? If so, our client is hiring a Governance, Risk, and Compliance (GRC) Manager.
Position Type: Direct Hire
Required:
- Minimum of 10 years of NERC CIP Reliability Compliance experience.
- Bachelor's degree in Engineering, Business Administration, Information Technology, Cybersecurity, or a related field.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) are preferred.
- Extensive knowledge of NERC CIP standards and regulations.
- Proven experience in compliance management, risk management, or cybersecurity within the energy sector.
- Strong analytical, organizational, and problem-solving skills.
- Excellent communication and interpersonal abilities.
- Compliance Oversight:
  - Develop, implement, and manage the organization's NERC CIP compliance program.
  - Monitor changes in NERC CIP standards and regulations to ensure ongoing compliance.
  - Conduct regular internal audits and assessments to evaluate compliance status and identify areas for improvement.
  - Make sure all involved parties adhere to document control, retention, and destruction requirements.
- Policy and Procedure Development:
  - Create and update policies and procedures related to NERC CIP standards.
  - Ensure documentation is accurate, comprehensive, and aligns with current regulatory requirements.
  - Establish and refine document management processes, including naming, numbering, version control, access, and security. Identify gaps, and communicate and implement changes.
- Training and Awareness:
  - Develop and deliver training programs to educate employees on NERC CIP requirements and best practices.
  - Promote awareness of compliance requirements across the organization.
  - Guide others to properly apply interchangeability and revision management practices for compliance with established policies and procedures.
- Risk Management:
  - Identify and assess potential risks related to NERC CIP compliance and develop mitigation strategies.
- Incident Response:
  - Lead the response to compliance incidents or breaches, ensuring timely and effective resolution.
  - Maintain and update incident response plans in accordance with NERC CIP requirements.
- Reporting and Documentation:
  - Prepare and submit compliance reports to regulatory bodies and senior management.
  - Maintain detailed records of compliance activities, audits, and corrective actions.
  - Apply configuration and data management control disciplines to the design, development, and support of software, hardware, and other complex systems.
  - Maintain stringent electronic and paper copy document control processes.
- Stakeholder Coordination:
  - Serve as the primary point of contact for regulatory agencies, auditors, and external consultants regarding NERC CIP compliance matters.
  - Facilitate communication between departments to ensure integrated compliance efforts.
- Continuous Improvement:
  - Stay informed about industry best practices and emerging trends in NERC CIP compliance.
  - Recommend and implement improvements to enhance the effectiveness of the compliance program.
- Configuration Controls:
  - Coordinate document changes and updates.
  - Create, manage, and maintain tools for document management, thereby ensuring efficient workflows.
  - Organize and manage repositories of company documents.
If you think you'd be a good match, submit your resume and reach out to Shaan at 862-895-5501 at to learn more.