The Manager, CIP Compliance role is responsible for ATCO’s Critical Infrastructure Protection (CIP) Compliance Program, leading a team of information technology and business professionals, and coordinating compliance requirement tasks across multiple stakeholders to ensure compliance with the Alberta Electric System Operator (AESO) CIP Alberta Reliability Standards (ARS). This position requires broad expertise and advanced knowledge of technical solutions required to meet regulatory requirements.

The successful candidate will be an integral member of ATCO’s Technology & Global Security leadership team. Strong leadership skills, technical expertise, the ability to efficiently manage challenging situations and complex compliance requirements, while providing mentorship and guidance to team members as well as other ATCO business units is essential to this role.

The Manager, CIP Compliance will be required to develop processes, procedures, and internal controls to ensure Operational Technology (OT) systems are compliant with CIP requirements and meet best practices for cybersecurity.  You will also be required to lead the development and implementation of compliance controls for new AESO CIP standards by providing guidance to cross-functional teams responsible for compliance. 

We’re looking for someone who has keen attention to detail, challenges the status quo, embraces change, and thrives in a collaborative work environment. If you are someone who approaches work with passion, curiosity and the courage to innovate, this role is for you.  

 

What You Get to Do: 

Develop, implement and maintain a comprehensive Critical Infrastructure Protection (CIP) Compliance Program that aligns with Alberta Reliability Standards (ARS) and industry best practices  Resolve complex issues and ensure a holistic approach to implementation of innovative solutions for CIP compliance. Lead and oversee cross functional initiatives and facilitate activities such as clarifying roles & responsibilities, coordinating transition to operations activities, providing training, and ensuring effective communication.  Collaborate with internal and external stakeholders, including regulatory agencies, industry peers, and service providers, to ensure CIP compliance. Coordinate CIP Compliance audit activities, develop and maintain performance metrics, conduct self-certifications and investigations, facilitate reporting and mitigate contraventions. Participate in industry-lead CIP and ARS compliance forums. Contribute to the creation, implementation, and ongoing management of the Operational Technology (OT) program to which CIP requirements are applicable, focusing on IT, cyber and physical security requirements and other relevant regulations. Verify and ensure that all documentation is current, complete, accurate and adheres to relevant regulatory standards. Leverage expertise in IT, cyber and physical security, along with regulatory knowledge, to assess current practices, identify gaps, and propose risk mitigation strategies within the OT environment. Stay current with the latest cybersecurity and CIP compliance requirements to maintain a comprehensive inventory of requirements and compliance evidence Respond to ad-hoc requests from internal and external stakeholders and compliance oversight organizations to ensure timely oral and written communication. Support CIP compliance requirement owners in the development, implementation, and maintenance of effective controls. Oversee the preparation of written responses to regulatory data requests, investigations, compliance and regulatory audits, and customer inquiries. Conduct quality reviews on compliance activities on regular basis. Develop documentation related to audit findings, self-reports, root cause analysis, mitigation plans and evidence of completion, including compilation of evidence packages. Monitor developing or evolving compliance obligations to ensure compliance with national, regional, and local regulations, developing new metrics as needed. Stay informed of compliance-related metrics, implement AESO / NERC self-reporting process, including making non-compliance determinations and preparing self-reports and mitigation plans to the regulator. Validating, through gap analysis and self-certification, that complete and accurate evidence of compliance exists for all CIP standards  Participate, monitor and track CIP compliance mitigation action plans from initiation through closure. Develop and facilitate CIP compliance related presentations as required.

Who you are: 

Bachelor’s degree in Information Technology, Computer Science or Electrical Engineering Minimum of 10 years of experience in cybersecurity or information technology, with a focus on compliance and risk management Minimum of 5 years of experience in a leadership position and CISSP or CGIP Certification preferred  In-depth experience with compliance auditing and reporting   Strong understanding of North American Electric Reliability Corporation (NERC) CIP standards and regulatory requirements Familiarity with cybersecurity frameworks (e.g., NIST Cybersecurity Framework) Exceptional organizational, interpersonal, written, and verbal communication skills Strong analytical and problem-solving abilities Class 5 or Valid Driver’s License with a clean abstract and able to maintain same Proven ability to develop and implement compliance programs Excellent communication and interpersonal skills Willingness to embrace new technology that contributes to compliance efficiency Knowledge of industry best practices for cybersecurity and risk management Strong change and project management skills.

What We Offer: 

A culture based on caring, integrity, agility, collaboration, and striving for excellence  Competitive compensation  Flex benefits  Tuition assistance program  Training and mentorship programs  Charitable donation matching 

 

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.

Canadian Utilities is part of ATCO Ltd. ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com. 

At ATCO, we support a diverse and inclusive environment that values the contributions and perspectives of everyone on the ATCO team. We believe the ATCO team is the foundation of our business and our most valuable asset across our global operations. Without each team members’ unique skills, strengths, and knowledge, we simply wouldn’t be able to achieve our fundamental vision of delivering life’s essential services to our customers around the world. 

ATCO is an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.