NERC CIP Compliance Manager

  • Full-time

Company Description

The California Independent System Operator (ISO) manages the flow of electricity across the high-voltage, long-distance power lines that make up 80 percent of California's power grid. We safeguard the economy and well-being of 30 million Californians by operating the Grid reliably 24/7.

As the impartial grid operator, the California ISO opens access to the wholesale power market that is designed to diversify resources and lower prices. It also grants equal access to 25,865 circuit-miles of power lines and reduces barriers to diverse resources competing to bring power to customers.

The California ISO's function is often compared to that of air traffic controllers. It would be grossly unfair for air traffic controllers to represent one airline and profit from allowing that company's planes to go through before others. In the same way, the California ISO operates independently—managing the electron traffic on a power grid we do not own—making sure electricity is safely delivered to utilities and consumers on time and reliably.

Job Description

Under the general direction of the Director, IT Architecture, Integration, and Information Security, acts as the functional advisor for Information Security compliance with the mandatory reliability standards and Tariff requirements derived from the Federal Energy Regulatory Commission regarding compliance with Critical Infrastructure Protection (CIP) standards. Develops controls, monitors performance, and creates action plans. Develops mitigation and post-event corrective action plans and reports. Facilitates Information Security NERC Self-Certification/Audits. Provides guidance to other System business units on the development of procedures and controls. This position is a process manager with no direct reports, but collaborates across multiple business units within the organization.

What You Will Be Doing:

  • Facilitate Self-Certifications/Audits. Collect evidence, review the quality of collected evidence, update RSAWs, act as a liaison to gather data from others, and be able to lead others through an evidence collection/RSAW update discussion.
  • Assist Business Units in Controls development. Perform Internal Assessments using a systematic approach to monitoring controls, evaluating normal and abnormal occurrences within processes.
  • Event Analysis: Act as liaison between Information Security and Compliance in tracking Information Security events/exceptions that require further analysis for potential compliance reporting purposes or compliance event analysis. Identify improvements, occurrences, and events as training and/or simulation opportunities.
  • Maintain and perform monthly and quarterly reviews and reporting per WECC data requests. Create, maintain, and improve reporting in order to promote consistent data collection methods. Manage and respond to data requests from WECC, Corporate Compliance, and others as needed by gathering data, performing an analysis, and developing reports.
  • Perform Impact Analysis related to new or changed NERC CIP standards.

Qualifications

Level of Education and Discipline:

  • A Bachelor's degree (BA, BS) or equivalent education, training or experience in Engineering, Information Technology, Business or related field.
  • Master's degree preferred.

Amount of Experience:

  • Equivalent years of education and training, plus six (6) or more years related experience.

Type of Experience:

  • Proven track record of improving and maintaining procedures, processes, compliance, and controls within the Information Security field.

Additional Skills and Abilities:

  • Demonstrates fundamental leadership skills with the ability to work effectively in a team environment as a leader, facilitator and team member.
  • Ability to provide practical and feasible solutions to problems, taking multiple conflicting considerations into account.
  • Excellent interpersonal, communication, and writing skills required.
  • Excellent analytical skills are required, including the ability to effectively communicate complex technical materials and concepts in a non-technical manner.
  • Must be able to handle a dynamic and changing work environment, and work independently.
  • Strong computer skills in Microsoft Office Suite.
  • Self-motivated, with problem-solving skills and the ability to influence others without direct authority.

Additional Information

All your information will be kept confidential according to EEO guidelines.