The Midwest Independent Transmission System Operator is an essential link in the safe, cost-effective delivery of electric power across much of North America. The Midwest ISO is committed to reliability, the nondiscriminatory operation of the bulk power transmission system, and to working with all stakeholders to create cost-effective and innovative solutions for our changing industry.

WHO WE ARE…
As a fully integrated regional transmission organization, the non-profit Midwest ISO assures industry consumers of unbiased regional grid management and open access to the transmission facilities under Midwest ISO's functional supervision.

WHAT WE DO…
Midwest ISO optimizes the efficiency of the interconnected system, provides regional solutions to regional planning needs and continually minimizes any risk to reliability.

IT Compliance Analyst

SUMMARY OF RESPONSIBILITIES

Perform analysis and documentation on compliance requirements of NERC, FERC & NAESB, SAS70 and Midwest ISO business processes. Assist and guide control owners with compliance efforts focusing on NERC CIP standards and established IT SAS 70 controls.

ESSENTIAL JOB FUNCTIONS

Analyze IT policies, procedures, practices and organizational structures to provide reasonable assurance of compliance with NERC, FERC & NAESB regulatory requirements and SAS 70 controls
Develop and maintain schedules, reports, and materials for compliance-related activities pertaining to IT and other control-related matters
Use generally accepted IT security and control practices to benchmark the existing and planned IT environment
Coordinate with control owners in the IT organization to ensure consistent compliance with applicable requirements
Assist control owners with identifying remedies to findings
Create tracking tools and reports for compliance measures
Prepare reports and briefs for management and external audiences explaining standards issues and compliance status.
Support and serve on internal committees, task forces, and compliance working groups.
Compliance with all processes, procedures, and standards applicable to the position including (but not limited to): SAS 70 (Statement on Auditing Standards 70), CIP (Critical Infrastructure Protection), Change Management, Tariff (Open Access Transmission and Energy Markets Tariff), FERC (Federal Energy Regulatory Commission), NERC (Northern Electric Reliability Corporation), U.S. Department of Homeland Security, and NAESB (North American Energy Standards Board).

QUALIFICATIONS

Education:

Bachelor’s degree in Management Information Systems, Computer Science or equivalent required
CIA, CFE and/or CISA preferred.

Experience:

Three years in internal and/or external IT audit
FERC, NERC and Sarbanes Oxley regulatory requirements and SAS 70 audits preferred.
Project Management preferred
Energy industry preferred.

Knowledge:

Principles, practices, and administration of technical issues.
Information systems, database, networking and logical security best practices.
Industry computing platforms and architectures.
Compliance, risk management and security.
NERC CIP standards.
Microsoft Office Suite.

Skills:

Commitment to customer service excellence and teamwork.
Excellent communication and listening skills.
Utilizing company policies appropriately.
Process and procedure development, measurement and enhancement.
Analytical thinking.

Abilities:

Apply and adapt practices and techniques to a variety of situations and projects.
Present facts and recommendations effectively in oral and written form.
Establish and maintain effective relationships with employees and the general public.

Values: