Advisor, IT Policy and Compliance

INDEPENDENT ELECTRICITY SYSTEM OPERATOR (IESO)

Why join us? 

You’ve got great skills. And you want to use them in an organization where you know what you do every day matters. We get that.
We also know that ensuring Ontarians have access to affordable and reliable power doesn’t happen by accident. So we give you the tools, flexibility and support you need to achieve your goals, and development opportunities to help you grow. You’ll thrive in a collaborative, team-based environment that values your unique skills and experiences – and recognizes that when you do better, we become even better too.  

Who we are 

The Independent Electricity System Operator (IESO) works at the centre of the province’s power system, ensuring Ontarians have access to reliable and cost-effective electricity when and where they need it. We operate the province’s electricity grid 24/7, design, run and oversee the wholesale electricity markets, and plan and prepare to meet Ontario’s electricity needs – now and into the future.

 

The Opportunity

The Advisor, IT Policy and Compliance is responsible for managing the IESO’s efforts to maintain compliance with the NERC Critical Infrastructure Protection (CIP) Standards, NPCC Criteria and MACD processes.  THe incumbent will provide leadership to staff through advice and guidance in establishing and maintaining procedures and programs that supports compliance with NERC CIP Standards. 

Additionally, the will take a leadership role in managing the IESO’s participation in external activities related to modifying future NERC CIP standards as well as interacting with other companies in determining risks and best practices in being compliant with standards and requirements. Plans, organizes, and presents NERC CIP compliance information to all audience levels, from technical experts to executive staff.

This role is also responsible for facilitating any audit related activity with subject matter experts and leaders. This includes managing the relationship between external auditors for audits such as tri-annual NERC CIP compliance audits, bi-annual settlements audits or annual financial audits and the Department (e.g. I&TS). The Advisor tracks audit findings and mitigation efforts, reporting status on a regular basis to the Departmental Management team.

The Advisor administers policies by working with the various divisions and departments to ensure their policy requirements are met, the policies are current, and in situations where violations of policies occur that the appropriate management personnel are notified and the situation is resolved.

What you will do

• Plan and coordinate the execution of NERC CIP Standards compliance activities, policies.
• Perform studies related to the design, deployment, and enhancements of NERC Compliance Processes, policies and corporate requirements.
• Coordinate ongoing impact assessments and reviews to maximize efficiency and minimize risk on all customers. As required, communicate results, summaries, action items and lessons learned to internal and external customers and Business Units.
• Provide management information reporting for NERC CIP compliance activities.
• Manage the implementation and maintenance of the IESO’s program for compliance with NERC CIP and associated regional standards.
• Advise cross-functional teams in evaluating detailed requirements and how they conform to CIP standards and requirements.
• Provide consulting and support services to internal IT and non-IT clients to assure new and on-going projects are implemented in a manner that embraces and promotes NERC CIP requirements from the ground up.
• Coordinate, prepare and execute activities and programs to assist non-IT groups or individuals in meeting obligations relating to NERC CIP reliability standards compliance This includes, but not limited to, the coordination of CIP Compliance Sub-Committee (CSSC) meetings with multiple Market Participants and internal staff. 
• Coordinate and lead activities to: ensure that Reliability Standard Auditing Worksheets (RSAWs) are kept current, develop processes, procedures and related documentation, and coordinate NERC CIP audit activities.
• Coach staff in related processes and procedures, such as the Technical Feasibility Exception process.  Coordinate, review and submit NPCC self-certification information when required and perform other compliance activities as needed.
• Coordinate with Subject Matter Experts from Information and Technology Services and Market and Systems Operations to develop, update and enhance RSAWs, Technical Feasibility Exceptions (TFEs) and gather evidence to demonstrate compliance with reliability standards.
• Conduct studies to support IESO Compliance and internal performance reporting by monitoring compliance to standards and policies.  Participate in follow-up as required.
• Where potential violations of NERC Standards occur, work with the appropriate management and personnel to investigate the issue(s) and track any mitigating activity to completion. Generate Potential Non-Compliance (PNC) reports stating applicable standards violated and status of mitigating activities to NPCC via Operations’ Compliance Assurance group.
• Participate in the ongoing coordination efforts of team with respect to the changing requirements of regulatory policy.  Coordination of preparatory material for meetings with regulatory bodies.
• Advise on policy and provide advice on compliance issues and options for improving performance (training, possible efficiencies, lesson learned).
• Support the IESO’s participation in the development of reliability strategies through NERC, Regional council, Interconnections and ISOs and integrate approved changes.
• Escalate and explain to IESO management, any issues, challenges, and strategies necessary to ensure compliance to NERC cyber security standards.
• Support the review and alteration of processes to ensure they reflect current practice, contain appropriate controls to ensure we meet standard requirements and demonstrate compliance efficiently and effectively.
• Liaise with Internal Audit and external auditors as required to facilitate activity related to audits.
• Provide support where violations of IT policies occur work with the appropriate management personnel to resolve the issue(s) and track any mitigating activity to completion. Report violations and status of mitigating activities to I&TS management on an as required basis.

• Perform other duties as required.

What you need

• Requires knowledge of computer science, a related discipline or equivalent experience in order to understand the complexities of small to large scale computer systems, networks, and applications. 
• Specific knowledge would include system design, enterprise hardware technologies, database modeling, networking and system administration, ITIL Service Model and NERC CIP standards.
• This knowledge is considered to be normally acquired either through the successful completion of four years University education or the equivalent experience.

Experience:

• Requires experience in Information Technology practices and IT architectural concepts including cyber security principles and best practices.
• Requires experience to understand the principles and core elements in the development and application of NERC CIP Standards.  Requires experience and understanding in implementing and maintaining documentation and reports related to NERC CIP Standards, NPCC and MACD compliance audit practices. 
• Previous experience with compliance control frameworks
• 3-4 years of Compliance support experience including managing compliance requirements, audits, documentation, Market Assessment Compliance Division (MACD) processes and procedures and other deliverables
• Must be familiar with regulatory audit processes and evidential requirements.
• Must be very familiar with the NERC CIP standards and crafting responses to standards development questions, crafting voting position and commentary on standards development, and working with other departments to ensure timely responses to NERC, NPCC and MACD requests for input.

A period of over eight years, up to and including ten years, is considered necessary to gain this experience.

What’s in it for you

•    A comprehensive total rewards program, including best-in-class benefits and a flexible workplace 
•    A challenging, fast-paced and collaborative team environment, where your perspectives and experiences matter 
•    Leaders who support your growth and success through regular feedback and coaching
•    The opportunity to work with some of the brightest minds in the industry

Deadline: April 7, 2023

For future reference, please ensure to save a copy of the job description as it will no longer be available once the posting closes.
 

The IESO offers a Hybrid Work Model Program. The Model allows for remote working up to three days per week, based on business needs. When working in the office, you will be located at our Mississauga location.

At the IESO, we know that achieving great results depends on embracing diversity by attracting, developing and retaining people from a wide variety of backgrounds. We do this by ensuring our recruitment and advancement policies are fair and equitable, and by creating an accessible and inclusive environment – one that values every team member’s unique skills and experiences and ensures they have the support they need to achieve their potential. If you require accommodation during the recruitment process, please let us know. 

We thank you for your interest in a career at the IESO, but we will only contact those candidates selected for an interview. 

Note: The successful candidate must be eligible to work in Canada and will be subject to a background check.

Join our talent community

Sign up for talent community; stay in touch, find out about new opportunities – and discover how you can make a difference. Discover how we use our expertise and commitment to deliver reliable and affordable electricity to Ontario’s businesses and communities, and how we’re innovating to secure a stronger energy future for all Ontarians. Visit Careers at IESO and be sure to follow us on LinkedIn.

Find out why we were selected as Greater Toronto’s Top 2022 Employers, and what we offer.