Project Manager, NERC Regulatory Compliance and SR
Position can be located in Albuquerque, NM or Alvin, TX.
ALL APPLICANTS MUST INCLUDE A COVER LETTER IN ADDITION TO A RESUME
Both NERC CIP and Operations & Planning experience as well as relevant certifications preferred.
This position is covered by NERC CIP cyber security standards. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check. Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required.
Given the financial nature of this position, this position has been defined as a position requiring a credit check. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a credit background check.
Under limited direction, facilitates implementation of PNM Resources: NERC Internal Compliance Program directly with business area resources to ensure that assigned areas of PNMR and its New Mexico and Texas utility affiliates achieve and maintain compliance with any and all NERC, WECC, and TRE mandatory reliability standards. This includes, but is not limited to, providing guidance and technical expertise related to the implementation of long term compliance plans and processes for assigned business areas as it relates to NERC standards, working with appropriate stakeholders and subject matter experts to implement the compliance strategic direction, and managing, developing and overseeing the implementation of controls for monitoring all NERC compliance activities.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Demonstrates an in-depth understanding of the company strategy for maintaining NERC compliance across PNMR and its affiliates
- Monitors reliability standard developments in the industry and maintains an in-depth knowledge/understanding of rapidly evolving compliance requirements and strategic initiatives within the industry as well as associated technical/operational expertise. Assists business areas with formulating content for compliance evidence and/or RSAW's
- Conducts in-depth technical reviews and compliance evaluation of any and all applicable reliability standards implemented by assigned business area(s) (such as planning, maintenance operations, physical and cyber-security for generation, transmission, distribution, and control center facilities), including performing reviews implementation of internal controls, compliance evidence, and Reliability Standards Audit Worksheets (RSAW) and makes necessary recommendations to Management and Subject Matter Experts following review. As appropriate, coordinates with PNMR internal audit staff and/or other third parties utilized for supplemental compliance assessment.
- Translates existing and new/revised standards into program requirements and communicates those requirements to applicable personnel across the enterprise
- Conducts compliance activities in an ethical and professional manner
- Responsible for identifying, establishing, and implementing internal performance measures for key compliance/reliability/security metrics and internal procedures for tracking, evaluating, and reporting on compliance project plans and overall company compliance risk.
- Facilitates processes/projects/implementation of technology to assist business areas with the implementation of new or revised standards by working closely with assigned subject matter experts to develop project plans and track progress on those plans across multiple technical areas of enterprise
- Provides company representation to industry forums such as, the WECC/TRE/NERC Compliance Workshops, Western Interconnection Compliance Forum (WICF), North American Transmission Forum (NATF), Edison Electric Institute (EEI), and Electricity Information Sharing and Analysis Center (E-ISAC) as assigned
- Facilitates compliance program processes such as annual self-certification, spot checks, on-site audits, investigations and the preparation of self-reports and mitigation plans for regulatory violations
- Creates and maintains any and all document repositories necessary for PNMR and its affiliates to demonstrate to regulatory compliance with NERC and regional reliability standards
- Facilitates company position development on all new or revised standards developed by FERC, NERC, WECC and TRE
- Leads and coordinates the identification and documentation of roles and responsibilities for NERC compliance tasks pertaining to assigned business areas and reinforces established reporting boundaries between assigned business areas and Corporate NERC Compliance Department
- Participates in stakeholder and enforcement forums including violation dispensation processes and/or contested hearings, alerts, and investigations as assigned
- Assists in investigation of and external reporting associated with compliance violations and/or NERC reportable event(s) and cyber incident(s)
- Develops alliances with other stakeholders, regional entity representatives and counterparts at neighboring entities
- Participates in or conducts in internal spot checks and reviews to ensure compliance with regulatory standards and supports PNMR internal audit(s) and/or other third party compliance assessment(s), as assigned
- Demonstrated leadership skills
- Knowledge, understanding, and commitment to express and implement the company's vision and goals
- Demonstrated in-depth, technical understanding of various NERC and Regional reliability standards and regulatory organizations that create those compliance standards to include: FERC, NERC, WECC, and TRE
- Ability to assist in the production of clear policies, procedures and processes that PNMR staff can follow and that can stand up to scrutiny of internal and external auditors, including WECC/TRE/NERC auditors
- Demonstrated knowledge of at least one key business area(s) covered by NERC Standards such as cyber security, physical security, and/or network architecture for Critical Infrastructure Protection (CIP) candidates and real-time operations, planning, transmission, distribution, generation facilities, and/or protection and controls within WECC and ERCOT for Operations and Planning candidates. Ability to expand knowledge to additional business areas as needed.
- Ability to develop consensus positions and interface with various groups to accomplish compliance objectives
- Ability to manage complex projects and multi-disciplined team of senior technical professionals
- Ability to prioritize, schedule, organize, focus on, and complete work
- Ability to multi-task and effectively manage time in a dynamic environment
- Ability to demonstrate sound judgment
- Ability to demonstrate advanced interpersonal skills
- Ability to maintain positive and productive working relationships with various individuals and groups
- Action-oriented, detail-oriented, and goal-oriented
MINIMUM EDUCATION AND/OR EXPERIENCE:
- Bachelor's degree in a related field with seven to nine years of relevant experience, or equivalent combination of education and/or experience related to this position
- Significant experience in regulatory, compliance, operations, engineering, power plant, Control Systems, Energy Management Systems, SCADA, cyber-security, and/or physical security related experience strongly preferred
- Masters degree is preferred
- For CIP candidates: knowledge of enterprise security architecture, network design, and operational risk management with CISA, CISM, CISSP, or other technical certification preferred
- Project Management Professional certification preferred.
- Leads and coaches matrix resources regarding forms, filings, and other tasks related to assigned regulatory matters
- Negotiation skills and ability to gain concessions without damaging relationships
- Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental orders and regulations
- Ability to effectively present information to diverse audiences
- Ability to write reports, business correspondence, and procedure manuals
- Ability to effectively give persuasive speeches and presentations on controversial or complex topics to various audiences
- Ability to speak clearly and persuasively in positive or negative situations
- Ability to effectively listen and get clarification to respond to a wide-range of questions
- Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry
- Ability to apply the concepts of fractions, percentages, ratios, and proportions to practical situations
- Strong, working knowledge of the Microsoft Office suite and Microsoft SharePoint administration
- Working knowledge and experience with high-availability computer networks
- Knowledge of industry standard and best practice cyber security protection measures, including but not limited to: establishment of electronic security perimeters, malware detection and protection, intrusion protection and detection, cyber asset vulnerability assessments, local and wide area network design, backup plans and procedures, and disaster recovery procedures preferred for CIP candidates
ANALYSIS AND PROBLEM-SOLVING ABILITY:
- Ability to strategically approach issues. Must be proactive, adept at working with cross-functional teams and stakeholder groups.
- Ability to synthesize complex information.
- Ability to apply creativity to problem solving and utilize analytic skills and modeling capabilities to provide ongoing insight into the business and to make recommendations and decisions.
- Ability to identify mitigation plans as necessary
- Ability to coordinate with, and lead, cross-functional team of technical experts.
- Ability to make quick, effective decisions in a rapidly changing and demanding environment
- Makes decisions as to whether a compliance violation has occurred, what actions need to be taken and works with business areas to develop plans for future avoidance of violation.
SCOPE AND IMPACT:
- Facilitates cross-functional team(s) responsible for compliance with a portion of applicable regulatory standards
- Failure by PNMR to comply with the standards exposes PNMR to heightened regulatory oversight, monetary sanctions, and increases vulnerability to malicious cyber-attack against PNMR cyber assets that are essential to the functioning of components of the bulk electric system for which PNMR is responsible
- Violations can result in millions of dollars in fines and restrictions being placed on activities.
- Ability to sit up to 2/3 of the time and to stand, walk, and stoop up to 1/3 of the time
- Good vision and ability to adjust focus is required
- Manual dexterity is required
- Must occasionally lift and/or move up to 10 pounds.
- Out-of-state travel may be required.
- Office environment.