Job Title: Critical Infrastructure Protection Specialist (PM 2)
Job Number: BCH-R-1410-200723E1
Job Location: Burnaby, British Columbia, Canada
Keeping the lights on for over 4 million people across the province takes a lot of talented people doing many different jobs. From working deep in a generating station, atop a power pole, or behind a desk, whatever it is that makes you tick we offer challenging careers to help you reach your potential.
We’re investing more than $2 billion per year in major capital infrastructure projects to help meet the growing demand for safe, reliable power. We’re upgrading transmission lines, building new substations, and investing in our hydroelectric generation facilities.
We aim to provide meaningful and challenging work, opportunities for growth, and a healthy work/life balance. We’ve been recognized for excellence and been named one of BC’s Top Employers and one of Canada’s Best Diversity Employers for 4 years in a row.
It's our vision to be the most trusted, innovative utility company in North America by being smart about power in all we do.
The Reliability Compliance Department provides oversight for the Mandatory Reliability Standards (MRS) adopted by the BC Utilities Commission (BCUC) to achieve, sustain, and demonstrate compliance with its obligations to support the reliability of the bulk electric system. The ~120 adopted North American Electric Reliability Corporation (NERC) and Western Electricity Coordinating Council (WECC)reliability standards cover topics including real-time operations, long-term transmission system planning, protection system maintenance programs, and critical infrastructure protection.
The Reliability Compliance Department supports the business by monitoring developments in the industry, providing expertise to implement the standards, interfacing with the regulator, conducting compliance assurance activities (including self-certification reviews, internal control reviews, and spot-checks) and works with the business on violation investigations, mitigation planning, and continuous improvement.
There is a new opening in the Department as the CIP Standards now have a wider scope and oversight has shifted to risk based assurance (internal controls and strong programs). The CIP standards include security practices for cyber asset categorization, personnel and training, electronic and physical security perimeters, change management, incident reporting and response plans, configuration change management, and information protection.
This role is responsible to provide CIP expertise and closely work with people from across the organization, including all levels of compliance accountability from executives and governance delegates to subject matter experts across the business. The role includes following industry developments and benchmarking with other utilities on compliance best practices, supporting the organization with implementing CIP practices, performing assurance activities, and reporting the outcomes to management, supporting the business with incident investigations, mitigation planning and continuous improvements, and supporting regulatory processes as required.
- Manage and provide support to internal stakeholders for the successful implementation and sustainment of compliance with the MRS.
- Maintain expertise and knowledge with MRS broadly and CIP specifically, by building strong relations with WECC, other utilities, and other interest groups.
- Identify CIP Program improvements including governance, compliance monitoring processes/procedures, and assisting with implementation plans.
- Support the business with assessing risks and implementing internal controls related to CIP, and conduct compliance assurance activities regarding business groups compliance status.
- Utilize technical knowledge along with controls experience to review the quality and adequacy of compliance narratives and evidence, and strength and quality of internal controls. Identify opportunities to improve practices and tools.
- Provide coaching, guidance, and education as a CIP technical expert, includes developing training materials, regular communications, and governance direction.
- Lead noncompliance investigations, assist with developing mitigation plans, and monitor/track completion.
- Develop and provide tracking information on a timely basis to decision-makers. Perform trend analysis to support or challenge reporting.
- Supports and provides direction for other MRS Program accountabilities including annual BCUC Assessment Reports for MRS adoption, Canada Energy Regulator reporting, On Site Audits, etc.
- University degree or experience in relevant discipline or equivalent combination of education and experience.
- Registered professional engineer or security relevant certifications (e.g., CISSP, CISA, CISM, NCSF) is an asset.
- A minimum of 10 years of relevant security and/or reliability compliance experience in the electric utility industry.
- Demonstrated and proven experience, ability and knowledge in the following: NERC/MRS Programs in both the US and Canada; security governance, audit, risk, and controls (including experience with designing, evaluating, and implementing controls based on common security frameworks, such as NERC CIP, COSO, COBIT, ISO, NIST); and lead investigations and analyze and process a high volume of detailed information with accuracy.
- This role requires a combination of demonstrated deep technical security and security management expertise.
- Ability to translate complex technical security concepts and requirements into understandable, practical solutions, and processes that are sustainable.
- Strong analytical skills to support complex and high impact decisions related to the reliability standards.
- Self-motivated with strong organizational skills and the ability to work effectively in a team environment as well as individually.
- Strong relationship management skills and ability to collaborate with a cross-section of internal stakeholders; demonstrate business acumen, create innovative solutions, develop action plans, implement change, and champion stakeholder acceptance.
- Demonstrated leadership skills including the ability to influence and provide direction to others.
- Strong ability to communicate effectively, including verbal and business writing in the English language, presentation skills, and delivering training/presentations.
- Demonstrated ability to manage relationships at multiple levels within the organization and balance business needs with compliance requirements, and to work closely with subject matter experts to find solutions that add value.
- Understands the bigger picture and pays attention to details
- Passion and enthusiasm for security and demonstrated ‘can-do’ attitude to make a difference.
- Please attach a Cover Letter outlining your interest in this position as part of your application.
We're always looking for exceptional people to bring new ideas, fresh thinking, and the motivation to help shape the electricity system in BC. It's an exciting time to be a part of our team as we invest in our system and prepare to meet the challenges of tomorrow.
Our values guide our work.
- We are safe.
- We are here for our customers.
- We are one team.
- We act with integrity.
- We respect our province.
- We are forward thinking.
BC Hydro is an equal opportunity employer.
Don't forget to update your Candidate Profile with your current resume and copies of your certifications. If applicable, include your Trades Qualification. This will ensure we have all the necessary information to assess your application without any delays.
Click on the 'Apply' button in order to complete the steps to apply for this job.
Interested candidates should submit their applications online at app.bchydro.com/careers/current_opp.html by August 12, 2020.
Click here to access the job posting or visit the BC Hydro “Current Opportunities” Careers page to view and apply for jobs.