CERTIFICATIONS AND JOB REQUIREMENTS:

• Undergraduate degree in cybersecurity, electrical engineering, computer engineering, or a related field.
• Minimum 1–3 years of direct experience with NERC CIP or ARS CIP compliance programs in the electric utility, energy, or industrial sector.
• Strong knowledge of NERC/ARS CIP standards (CIP-002 to CIP-014), including proven experience with audits, self-certifications, evidence gathering, RSAW development, and compliance program management.
• Excellent communication skills, both spoken and written (English required; French an asset).
• Experience with ICS/OT environments such as programmable logic controllers, distributed control systems, intelligent electronic devices (IEDs), and SCADA systems.Familiarity with industrial network architectures and communication protocols (Ethernet/IP, Modbus, DNP3, ICCP, etc.).
• Preferred but not essential assets
• Experience working with utilities, Independent System Operators (ISO/RTOs), or regulatory agencies in North America.
• Exposure to compliance-driven security controls such as patch management, vulnerability assessments, change management, and access management (aligned to CIP-005, CIP-007, CIP-010, CIP-011).
• Experience with IP network devices (switches, routers, firewalls) and security tools for monitoring and compliance reporting.
• Knowledge of cybersecurity technologies and best practices beyond compliance (ISA/IEC 62443, NIST CSF, NIST SP 800-53).
• Involvement in SOC operations, incident response, recovery planning (CIP-008, CIP-009), and business continuity planning.
• Certifications such as NERC Certified CIP Professional (C3P), GCIP, CISSP, CISM, GICSP, or equivalent.

At BBA, we strive to offer effective, reliable, secure and resilient control systems to our industrial clients. Our ICS Cybersecurity team specializes in regulatory compliance and critical infrastructure protection, with a strong focus on helping utilities and industrial operators meet NERC CIP and ARS CIP requirements. We design and implement practical and innovative solutions that not only meet client needs but also satisfy mandatory compliance obligations.
You’ll work hands-on as part of multidisciplinary teams whose members have complementary expertise in digital technologies, network and telecommunication infrastructures, programming and integration of automation systems, instrumentation and controls, and digital power systems.