JOB DESCRIPTION
Role Details
Position title: IT Systems Administrator
Reports to: Manager, Operations Control Centre
Department: Operations & Maintenance
Direct Reports: Nil
Job Summary
We are seeking a highly skilled and motivated IT Systems Administrator to oversee and manage NERC CIP (Critical Infrastructure Protection) systems within a control center environment. This position plays a critical role in maintaining the reliability, security, and compliance of our energy management and control systems in alignment with NERC CIP standards.
As the IT Systems Administrator, you will be directly responsible for the management, security, and performance of IT infrastructure that supports critical energy operations. This role demands expertise in NERC CIP standards, network security, system administration, and the ability to work effectively within a control center environment.
Main Responsibilities
- Administration of Systems: Ensure all systems are running at peak performance through system reliability, patch management, and security updates. Maintenance and creation of new systems when required.
- Monitoring Systems: Monitor existing equipment, real-time data, and control to ensure connectivity for OCC operating systems.
- Documentation: Ensure existing documentation is up to date as well as the creation of new documentation for procedures and compliance.
- Compliance: Use best practices and benchmarks to ensure compliance with regulatory and company standards. Utilize industry-recognized approaches, methodologies, and techniques specific to competency area to deliver quality real-time control and monitoring solutions.
Functional Competencies
- Administer, monitor, and maintain NERC CIP-compliant IT systems, ensuring compliance with all applicable regulations and security requirements.
- Design, implement, and manage secure network architectures, including firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS), specifically tailored to meet NERC CIP standards.
- Conduct regular system audits, vulnerability assessments, and patch management to ensure all systems are secure and compliant with NERC CIP requirements.
- Manage access controls, identity management, and role-based access policies to ensure compliance with NERC CIP security standards.
- Monitor real-time operational systems within the control center to ensure high availability, performance, and security of critical infrastructure.
- Collaborate with internal and external audit teams to ensure continuous NERC CIP compliance and address any non-compliance issues or findings.
- Implement and maintain backup, disaster recovery, and business continuity plans for critical systems.
- Lead incident response and troubleshooting for cybersecurity threats and system failures, focusing on minimizing downtime and mitigating risks to critical infrastructure.
- Develop and maintain detailed documentation of systems, configurations, and procedures related to NERC CIP compliance and system administration.
- Provide training and guidance to control center staff and other IT personnel on NERC CIP standards and secure system operation.
- Stay current with new and emerging technologies, regulations, and best practices in NERC CIP compliance, cybersecurity, and IT systems administration.
Job Requirements
- Bachelor’s degree in information technology, Computer Science, or a related field.
- 5+ years of experience in IT systems administration, with a focus on NERC CIP environments, energy management systems, or critical infrastructure.
- Strong understanding of NERC CIP standards and how they apply to energy sector cybersecurity and system administration.
- Proficiency in Windows and Linux server administration, virtualization technologies (VMware, Hyper-V), and network security.
- Experience with firewalls, IDS/IPS, network segmentation, and multi-factor authentication in compliance with NERC CIP standards.
- Familiarity with SCADA systems, energy management systems (EMS), or other control systems in the energy sector is highly desirable.
- Knowledge of incident response, vulnerability management, and cybersecurity best practices.
- Strong analytical, problem-solving, and troubleshooting skills.
- Excellent written and verbal communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, or CISA, as well as NERC CIP training or certification, are preferred.
Other Requirements:
- Travel may be required from time to time.
- Possible call-ins could occur during emergency failures/issues.