Sr. (Lead) Compliance Analyst

About the Role

Key responsibilities include authoring and maintaining security and compliance standards, ensuring documentation is clear, repeatable, and auditable, and providing expert guidance to technical and operational teams. The analyst partners with IT and OT cross‑functional teams to embed compliance into daily operations, tracks and drives closure of action items, identifies systemic issues for risk reduction, and reviews evidence for consistency. Additional duties involve architecting secure solutions, defining security requirements for system design, mentoring junior staff, and communicating compliance risks and program health to leadership. • Serve as NERC CIP expert for CIP‑007, CIP‑010, CIP‑011, and CIP‑013 compliance. • Author, review, and maintain security and compliance documentation. • Partner with IT/OT teams to embed compliance into daily operations. • Track, manage, and close compliance action items and mitigation tasks. • Provide guidance and mentorship to junior team members. • Conduct audits, investigations, and produce high‑quality compliance artifacts.

Key Responsibilities

• ▸cip compliance
• ▸security docs
• ▸it/ot integration
• ▸action tracking
• ▸compliance audits
• ▸mentorship

What You Bring

The EIS Compliance Analyst is a NERC CIP subject‑matter expert who works with CIP‑007, CIP‑010, CIP‑011, and CIP‑013 owners across EIS and other departments to drive compliance activities, ensure security controls are met, and maintain strong audit readiness. The analyst helps both compliance and technology owners understand internal and external requirements, evaluates processes for improvement, and implements enhancements. This role demands deep experience in information security and NERC CIP compliance, including audits, investigations, mitigation, and producing high‑quality procedures and artifacts. Required qualifications are a bachelor’s degree in Computer Science, Engineering, Information Technology or equivalent experience, plus at least 10 years in a regulated information/cyber‑security compliance role. Candidates must demonstrate attention to detail, strong written and verbal communication, quantitative and qualitative analysis abilities, and proficiency with Microsoft Office. Preferred credentials include an MBA and experience with PJM operations, markets, planning functions, or PJM committees. • Require bachelor’s degree in CS/IT or equivalent and 10+ years in regulated cyber‑security compliance. • Demonstrate strong written and oral communication and analytical skills. • Preferred: MBA and experience with PJM operations or committees.

Requirements

• ▸bachelor's
• ▸10+ years
• ▸nerc cip
• ▸microsoft office
• ▸mba
• ▸cip-007

Benefits

Flexible Work Arrangement: Hybrid. The Enterprise Information Security (EIS) department safeguards the critical infrastructure, data, and systems at PJM that manage the high‑voltage electric grid serving 65 million people. As part of the Security and Business Continuity Division, the team focuses on mitigating cybersecurity threats through risk management, compliance, and strategic partnerships. Benefits include medical, vision, and dental insurance; a 401(k) plan with a 100 % employer match up to 5 % of salary; vacation, paid holidays, tuition reimbursement, life and AD&D insurance, short‑ and long‑term disability, and additional programs such as child‑care referral, employee assistance, and adoption benefits. • Offer comprehensive benefits including medical, vision, dental, 401(k) match, tuition reimbursement, and more.

Work Environment

Hybrid