Get your dream job within 2 days (HURRY UP)ENROLL NOW

Associate CIP Cybersecurity Risk Evaluation & Mitigation Engineer/Analyst

Northeast Power Coordinating Council, Inc. – New York, NY


Northeast Power Coordinating Council, Inc. (NPCC) is a not-for-profit corporation responsible for promoting and improving the reliability of the international, interconnected bulk electricity systems in Northeastern North America. NPCC operates as a Regional Entity under a delegation agreement from the North American Electric Reliability Corporation (NERC) with the responsibilities to develop, monitor, assess, mitigate, and enforce mandatory reliability standards. More information about NPCC can be found on its website at:

Position Overview

This position participates in making compliance determinations on NERC Critical Infrastructure Protection (CIP) Reliability Standards. The NERC CIP Standards address the security of the bulk power system in North America. This position is responsible for analyzing the facts and circumstances associated with non-compliances to determine the risks they present to the reliability and security of the electric bulk power system. Additionally, this position then coordinates with the entity to ensure that mitigation of non-compliances are completed. The non-compliances are processed under the NERC Rules of Procedure and the NERC Compliance Monitoring and Enforcement Program (CMEP).

Essential Duties and Responsibilities

  • Perform investigations and risk assessments of noncompliance to determine the risk to the bulk power system.
  • The majority of investigations will be focused on deficient cyber security controls and will include, but are not limited to: analyzing network architecture and inbound/outbound communication. An understanding of OSI model, TCP/IP model, and TCP/UDP protocols is preferred.
  • Investigations of physical security controls may also be required and include but are not limited to: review of resiliency or security measures designed collectively to deter, detect, delay, assess, communicate, and respond to potential physical threats and vulnerabilities.
  • Determine the root cause of noncompliance to subsequently identify acceptable mitigation, which will normally include the enhancement of internal controls. This responsibility requires:
  • Cyber security technical knowledge of patch management, log collection and analysis, methods to deter, detect, or prevent malicious code, baseline configuration, and cyber vulnerability assessments.
  • Physical security technical knowledge of controls to restrict physical access, and methods to monitor for unauthorized access.
  • Create evidentiary record to ensure there is sufficient evidence to support the risk assessment, mitigation, and proposed disposition and a complete and final record.
  • Provide training, education, and communications to NPCC staff and industry stakeholders. This includes presentations related to cybersecurity and physical security at workshops, webinars, and to NPCC committees and subcommittees.


  • Bachelors or Masters Degree in Cybersecurity/Information Assurance, Information Systems/Technology, Electrical Engineering, Computer Engineering or Computer Science/Technology.
  • 3 - 5 years of experience securing and/or protecting industrial control systems, preferably SCADA/EMS that are used in the electric utility industry.
  • Working knowledge of the NERC CIP Standards is highly desire
  • One or more of the following certifications are highly desired:
  • Certified Information System Security Professional (CISSP)
  • Certified Protection Professional (CPP)
  • Physical Security Professional (PSP)
  • Licensed Professional Engineer (PE)
  • Certified Information System Auditor (CISA)
  • Background check results consistent with the protection of critical energy infrastructure information and satisfactory to NPCC, Inc.
  • Ability to work within the U.S.

Location and Benefits

NPCC, Inc. is located in New York, NY offering a competitive compensation program to attract and retain bright and motivated employees. The position is eligible for an excellent benefits package, including medical, dental, life insurance, short-term and long-term disability, 401(k) plan, and paid personal time.

Equal Opportunity

Northeast Power Coordinating Council, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individuals actual or perceived disability, protected veteran status, race, color, sex, age, national origin, religion, sexual orientation, gender, gender identity, gender expression, genetic information, marital status, citizenship, domestic violence victim status, or any other federal, state or local protected class.

Additional Information

  • Position requires the ability to travel to Canada; therefore, a valid passport is necessary

Approximate start date: August /September 2019.

Job Type: Full-time

Recommended jobs for you

  • Wood Designers Wanted

    Hart & Sons Inc.  - Plainfield, NJ

    View Job
  • Fall 2019 Video Editing Internship with Bindery

    Bindery  - New York, NY

    View Job
  • Research Assistant

    New York State Psychiatry Institute  - New York, NY

    View Job
  • Communications & Data Support Resource Assistant

    MobilizeGreen  - New York, NY

    View Job
  • Paid USFS Volunteers & Service Program Resource Assistant

    MobilizeGreen  - New York, NY

    View Job

Thanks For Your Feedback