Consolidated Asset Management Services
Consolidated Asset Management Services is hiring: Cybersecurity Compliance Engin
Consolidated Asset Management Services, Shelocta, PA, US, 15774
Description
The Cybersecurity Compliance Engineer is responsible for securing and maintaining the integrity of control and business networks at the Keystone and Conemaugh Generating Stations. This role ensures compliance with NERC CIP cybersecurity standards and supports the stations' broader cybersecurity initiatives. The engineer will manage network infrastructure, monitor performance, and collaborate with internal and external stakeholders to maintain a secure and compliant operational environment. This role will require 10% travel or less for scheduled site-required visits.
Essential Duties and Responsibilities
The Cybersecurity Compliance Engineer is responsible for securing and maintaining the integrity of control and business networks at the Keystone and Conemaugh Generating Stations. This role ensures compliance with NERC CIP cybersecurity standards and supports the stations' broader cybersecurity initiatives. The engineer will manage network infrastructure, monitor performance, and collaborate with internal and external stakeholders to maintain a secure and compliant operational environment. This role will require 10% travel or less for scheduled site-required visits.
Essential Duties and Responsibilities
- Administer and maintain firewalls, switches, routers, wireless access points, IP addressing, certificates, and protocols.
- Evaluate and implement firewall rules in coordination with Distributed Control System (DCS) Leads.
- Ensure secure business-to-control network connections in compliance with NERC CIP standards.
- Monitor network performance using tools such as SNMP and packet analyzers; proactively resolve issues.
- Maintain and monitor the ConsoleWorks application and associated hardware.
- Manage cyber asset inventories and execute change management for asset updates.
- Maintain server licensing and certificates for network and security servers.
- Execute daily, monthly, and annual NERC CIP program requirements under guidance from the CAMS NERC CIP Specialist.
- Champion cybersecurity and NERC CIP compliance programs at assigned facilities.
- Conduct or support cybersecurity and compliance training initiatives.
- Coordinate with DCS Leads and contractors to ensure timely software patching per CIP standards.
- Independently manage complex projects and maintain regulatory documentation and filing systems.
- Bachelor's degree in Information Technology or a related field, or equivalent experience.
- Minimum 5 years of hands-on networking experience, preferably in distributed control systems.
- Experience with NERC compliance or similar regulatory frameworks preferred.
- Ability to perform physical tasks including lifting (up to 25 lbs), climbing, bending, and working in industrial environments.
- Industry certifications such as CCNP, CompTIA Network+.
- Experience with ConsoleWorks or similar remote access/network monitoring tools.
- Familiarity with power plant operations and compliance functions.
- Working knowledge of FERC, NERC, and Regional Reliability Entity standards and reporting requirements.
- Strong commitment to cybersecurity excellence and regulatory compliance.
- Excellent communication, planning, and organizational skills.
- Ability to manage multiple complex tasks and assess compliance risks in real-time.