OUC - The Reliable One,  an industry leader and the second largest municipal utility in Florida committed to serving the community and the environment, is presently seeking a Critical Infrastructure Protection Analyst to join the Legislative, Reg & Compliance division.

We are looking for an organized and efficient professional to be responsible for helping ensure OUC's ability to remail compliant with NERC CIP standards, as well as address regulatory issues dictated by the Department of Homeland Security as it relates to Critical Infrastructure/Key Resources. 

In this role, you will be responsible for reviewing, evaluating, and correcting all documentation used to perform or support compliance with these requirements, evaluating and interpreting current and proposed new industry cyber security requirements, and supporting OUC interests in development of new industry cyber security standards. 

OUC’s mission is to provide exceptional value to our customers and community by delivering sustainable and reliable services and solutions. Click here to learn more about what we do.

The ideal candidate will have:

• Bachelor’s Degree in Computer Science Technology, or Engineering, or related field from an accredited college or university
• Minimum of three (3) years total experience in any of the following areas: Cyber Security, NERC CIP Compliance, IT (consultant experience preferred), or Network Engineering 
• Preferred certification: Certified Informational Systems Security Professional (CISSP)
• Knowledgeable of NERC CIP Standards
• Experience with reporting and documentation

OUC offers a very competitive compensation and benefits package. Our Total Rewards package includes, to cite a few:

• Competitive compensation
• Low-cost medical, dental, and vision benefits and paid life insurance premiums with no probationary period. Retirement benefits include a cash balance account with employer matching along with a health reimbursement account
• Paid vacation, holidays, and sick time
• Educational and Professional assistance programs; Paid Memberships in Professional Associations
• Access to workout facilities at each location 
• Paid Conference and Training Opportunities
• Free downtown parking
• Hybrid work schedule

Click here to view our Benefits Summary.

Salary Range: $76,089.77 - $95,111.35 (Based on experience)

Location: Pershing 6003 Pershing Ave. Orlando, FL 32822 

Job Purpose:

Responsible for helping ensure OUC’s ability to remain compliant with NERC CIP standards, as well as address regulatory issues dictated by the Department of Homeland Security as it relates to Critical Infrastructure/Key Resources. The CIP Analyst is responsible for reviewing, evaluating, and correcting all documentation used to perform or support compliance with these requirements, evaluating and interpreting current and proposed new industry cyber security requirements, and supporting OUC interests in development of new industry cyber security standards.

Primary Functions:

• Interpret the requirements of NERC CIP standards;
• Assess NERC compliance application notices, interpretation requests, and ballots relating to Critical Infrastructure Protection (CIP);
• Schedule periodic CIP Program reviews with other CIP Program Managers, and Subject Matter Experts (SMEs). Create agendas and send invitations;
• Periodically review access control lists on access points to electronic security perimeters (ESPs);
• Periodically review both physical and cyber access control logs, and logs of OUC Security Information and Event Management (SIEM) devices supporting OUC Bulk Electric System (BES) Cyber Systems;
• Conduct quality assurance signoffs for cyber security controls testing;
• Assist in the preparation of OUC documents (processes, procedures, policies, etc.) supporting CIP compliance;
• Perform duties as required as a member of the OUC Cyber Security Monitoring Center such as responding to Cyber Security automated system alerts;
• Provide technical review of NERC balloted CIP standards;
• Support the other CIP Analysts during peer reviews of standard requirements with other entities of the same registration;
• Review and evaluate OUC existing processes in meeting CIP standard requirements;
• Recommend changes to existing processes to better meet CIP standard requirements;
• Ensure that all compliance related documents follow the standards as specified;
• Help to ensure proper lifecycle management of all OUC documents classified as sensitive, confidential, or critical;
• Provide CIP compliance-related expertise to other business units as required;
• Work closely with other business units responsible for directly implementing CIP-related functions, to ensure compliance;
• Assist in maintaining and managing various programs required to ensure compliance to CIP standards;
• Assist teams in routine audits of CIP cyber security controls and Windows based asset classes devices to ensure design functionality and effectiveness;
• In conjunction with SMEs, identify risks to the reliability of the Bulk Electric System, and develop Internal Controls that will mitigate the risks as well as ensure compliance with regulatory requirements.
• Perform other duties as assigned.

Technical Requirements:

• Working knowledge of all, but not limited to, the following:

• NERC and SERC Rules of Procedures and FERC orders,;
• Interpret NERC CIP standard requirements;
• Information systems including client server architectures, communications, and networking, security, and access control;
• FERC, NERC, and SERC common terminology;

• Familiarity with all, but not limited to the following:

• Software Applications (i.e. Syslog server [i.e. Qradar, Splunk, etc.]);
• Script writing in multiple languages (i.e. Java, shell, etc.);
• Power shell scripts and similar scripts; VBA Programming;
• Unix system administration;
• Related industry, organizational and departmental policies, practices and procedures; legal guidelines, ordinances and laws;

• Demonstrated effective business communication and consultation skills to communicate effectively across a diverse group both internally and externally.
• Ability to work independently and initiate appropriate courses of action on assignments.
• Ability to manage multiple tasks and multiple projects and adapt with shifting priorities.
• Ability to examine and evaluate data and present alternative actions in relation to the evaluation.
• Ability to make arithmetic computations using whole numbers, fractions and decimals, and compute rates, ratios, and percentages;
• Ability to use Microsoft Office Suite (Word, Excel, Outlook, etc.) and standard office equipment (telephone, computer, copier, etc.).

Education/ Certification/ Years of Experience Requirements:

• Bachelor’s Degree in Computer Science Technology, or Engineering, or related field from an accredited college or university
• Minimum of three (3) years total experience in any of the following areas: Cyber Security, NERC CIP Compliance, IT (consultant experience preferred), or Network Engineering
• Preferred certification: Certified Informational Systems Security Professional (CISSP)

Working Conditions:

This job is typically performed in an office work environment. May require occasional travel between OUC facilities.

Physical Requirements:

This job requires standing, walking, sitting, repetitive motions, climbing (ladders, stairs, hills, etc.), bending/stooping, reaching over head, kneeling and/or crawling, and lifting up to twenty (20) pounds. This job requires speaking and hearing, typing, reading, writing, and detailed inspection.

OUC–The Reliable One is an Equal Opportunity Employer who is committed through responsible management policies to recruit, hire, promote, train, transfer, compensate, and administer all other personnel actions without regard to race, color, ethnicity, national origin, age, religion, disability, marital status, gender, sexual orientation, gender identity or expression, genetic information and any other factor prohibited under applicable federal, state, and local civil rights laws, rules, and regulations.

• Bachelor’s Degree in Computer Science Technology, or Engineering, or related field from an accredited college or university
• Minimum of three (3) years total experience in any of the following areas: Cyber Security, NERC CIP Compliance, IT (consultant experience preferred), or Network Engineering
• Preferred certification: Certified Informational Systems Security Professional (CISSP)

About Orlando Utilities Commission

The Orlando Utilities Commission (OUC - The Reliable One) is a municipally-owned public utility providing electric and water services to the citizens of Orlando, Florida, St. Cloud, Florida, and unincorporated Orange and Osceola counties. Established in 1923 by a special act of the Florida Legislature, OUC is the second largest municipal utility in Florida and 14th largest municipal in the country. OUC provides electric, water, chilled water and/or lighting services to 400,000 accounts. The company is governed by a five-member commission (including the Mayor of Orlando), which is responsible for all operating policies.OUC has maintained the best electric reliability in the state of Florida for 21 years in a row, when compared to Florida’s investor-owned utilities. Our power is produced at the OUC-owned Stanton Energy Center via a diverse fuel portfolio, which includes nearly 20 megawatts of solar energy.And, our clean, safe, great-tasting water - which is pumped from the Lower Floridan Aquifer - undergoes more than 20,000 chemical and bacteriological water quality tests each year, including tests for more than 135 regulated and unregulated substances like lead and copper.Website: h...ttp://www.ouc.comIndustry: UtilitiesCompany size: 1,001-5,000 employeesIncludes members with current employer listed as Orlando Utilities Commission (OUC - The Reliable One), including part-time roles.Headquarters : Orlando, FloridaFounded: 1923

Show more

Show less

Connections working at Orlando Utilities Commission