Access Control, Analysis Skills, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Computer Science, Computer Security, Corrective Action, Documentation, Electricity, Electronic Access Control, External Audit, ISO (International Organization for Standardization), Incident Response, Information Technology & Information Systems, Internal Audit, International Electro-Technical Commission (IEC), Internet Security, Physical Security, Policy Development, Procedure Development, Registered Training Organisation (RTO), Regulatory Compliance, Risk, Risk Analysis, Risk Management, Root Cause Analysis, Software Patches, Supply Chain, Sustainability, Technical Research, Test Design, Test Strategy, U.S. National Institute of Standards and Technology (NIST)
Key Responsibilities
- Own endâtoâend execution of CIP compliance across applicable standards; operate as a subject matter expert and key liaison to business stakeholders.
- Design and lead testing strategies for complex IT/OT controls; validate control effectiveness; identify gaps; assess risk; and drive corrective actions.
- Plan and conduct CIP maturity reviews; evaluate processes and documentation; recommend improvements for longâterm sustainability.
- Lead complex compliance investigations and root cause analyses; develop and guide corrective action plans; support selfâreports and filings.
- Lead evidence strategy and narrative development; coordinate responses to NERC/Regional Entity requests; ensure complete, consistent documentation.
- Deliver CIP and cybersecurity regulatory training; provide consultative guidance on control design, access management, and compliance obligations.
- Contribute to cybersecurity initiatives, incident response exercises, and policy/procedure development.
Qualifications
- Bachelor’s in Computer Science, Information Systems, Cybersecurity, or related field (or 4+ years relevant experience in lieu of degree). Master’s in Cybersecurity Risk Management a plus.
- 4+ years (6+ preferred) in internal/external audit, internal controls, or regulatory compliance—ideally within energy, ISO/RTO, or other regulated infrastructure.
- Working proficiency with NERC CIP Standards (CIPâ002 through CIPâ013), IT General Controls, and CMEP processes; familiarity with NIST CSF, NIST SP 800â82, IEC 62443 in OT environments.
- Electronic access control, physical security, incident response, supply chain risk, vulnerability/patch management, baseline configuration.
- Certifications (preferred): CISA, CISSP, CRISC, Certified Compliance & Ethics Professional.
The base salary compensation range being offered for this role is $93,000-118,000 USD annually. Base salary range for this position is included in accordance with requirements of various state/local pay transparency legislation. Please note that salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, and qualifications/experience.
Position is also eligible for an annual bonus if individual performance and company objectives are met. At MISO we offer a comprehensive benefits package, including 401k, vacation, sick and safe time, available on your first day of employment.
Why Join Us?
Join a missionâdriven team operating the electricity superhighway. You’ll help advance a mature, auditable, and sustainable CIP program that underpins grid reliability and resilience today and for the future.
Appropriate level will be determined based upon experience and knowledge.
MISO, What We Do
MISO manages the electricity superhighway in the Central U.S. Through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million people. Operating the electricity grid, running a robust energy market, planning for a bright future – it’s what our immensely talented and dedicated team does every day.
#LI-AD1
#LI-ONSITE