About the role
**CIP Compliance Consultant (12 month contract)
Location: Vancouver, BC / Hybrid
Staffing Placement Opportunity** Work Assignment Overview Project Manager role supporting various Critical Infrastructure Protection (CIP) incident-related action plans, combined with business analysis and incident investigation responsibilities.
General Description The IT Cyber Security Compliance Consultant (Level 2) is responsible for creating and maintaining cyber security standards and guidelines. This role includes working collaboratively with service providers and security administrators to support compliance sustainment activities, such as IT audits, to ensure alignment with cyber security regulations, industry standards, and internal policies.
Experience And Role Accountabilities
- Minimum of five (5) years of experience in Information Technology, with at least three (3) years focused in cyber security or equivalent.
- Collaborate with service providers and security teams to support compliance sustainment activities, such as audits and evidence collection, ensuring adherence to security regulations and internal policies.
- Review compliance evidence documentation in coordination with policy subject matter experts, cybersecurity and safety teams, and emergency management stakeholders, ensuring completion and quality of compliance policies, procedures, and records.
- Conduct compliance impact assessments for IT projects, advising project managers on best practices and required actions to maintain security standards.
- Identify potential cyber security risks by performing vulnerability assessments, monitoring external events, and reviewing system logs to support contingency planning.
- Analyze test results and recommend remediation solutions by validating security configurations and assessing the impact of vulnerabilities across systems and infrastructure.
Education and Skills
-
Bachelor's degree or technical diploma in Computer Science, Information Security, or a related discipline.
-
Certification in at least one of the following areas (considered an asset):
-
Certified Information Systems Security Professional (CISSP)
-
Certified in Risk and Information Systems Control (CRISC)
-
Certified Information Systems Auditor (CISA)
-
Certified Information Security Manager (CISM)
-
Strong knowledge of IT compliance audit processes and technical concepts, including but not limited to:
-
Internet policy enforcement
-
Network architecture
-
Active Directory
-
Log management and monitoring
-
Vulnerability scanning and penetration testing
-
Configuration and asset management
-
Encryption, authentication, and web content filtering
-
Physical security in IT contexts
-
Familiarity with industry standards and frameworks:
-
ISO 27001/2
-
NIST (National Institute of Standards and Technology)
-
Freedom of Information and Protection of Privacy legislation (e.g., BC FIPPA)
-
NERC CIP (North American Electric Reliability Corporation – Critical Infrastructure Protection)
-
COBIT (Control Objectives for Information and Related Technologies)
-
Ability to obtain security clearance for a Security Sensitive Position.
-
Excellent communication skills, both written and verbal.
Work Assignment Requirements
- Collaborate with business units across the organization to implement CIP practices, support development and execution of mitigation and management action plans, and drive continuous improvement and regulatory alignment.
- Work with subject matter experts to design and implement updates to CIP-related policies, procedures, controls, and job aids based on outcomes from mitigation plans, investigations, and process reviews.
- Conduct investigations into non-compliance incidents under established frameworks, applying root cause analysis and contributing to mitigation plan development from an enterprise-wide perspective.
- Provide technical writing support on documentation related to incidents, including but not limited to: mitigation plans, extent of condition reports, and root cause analysis documentation.
Must Haves
- Experience with project management and process improvement
- Experience with NERC CIP or cyber security
- Excellent facilitation and communication skills
Nice To Haves
- Change management experience
- Technical Writing experience
- Incident/ Violation Investigation experience
Note: this is an opportunity with a Microserve client.
About Microserve
Microserve is an IT solutions company rooted in a philosophy of long-term partnerships and continuous innovation. Our outstanding team has delivered IT solutions to clients across BC and Alberta for over 35 years. Based in Burnaby BC, Microserve also holds branches in Victoria, Edmonton, and Calgary in addition to service networks across both provinces.
Since 1987 businesses have trusted Microserve for extensive experience and expertise in providing IT solutions across BC and Alberta, a commitment to excellence in all of our service offerings ensuring only the highest level of quality and client satisfaction, and a focus on relationships and dedication to supporting the long-term best interests of our clients. We are committed to excellence in everything that we do. This commitment to maintaining a high level of expertise in the constantly changing IT industry and to developing long-term relationships has allowed us to establish and maintain a strong market position as one of the largest independent IT solution providers in Western Canada.
We provide services in: Managed Services, IT Security Services, Modern Workplace, Data Centre, Backup & Disaster Recovery, Audio Visual Solutions, Cloud Services, IT Staffing, Projects & IT Consulting, IT Procurement, End User Computing, Managed Print Services
About the role
**CIP Compliance Consultant (12 month contract)
Location: Vancouver, BC / Hybrid
Staffing Placement Opportunity** Work Assignment Overview Project Manager role supporting various Critical Infrastructure Protection (CIP) incident-related action plans, combined with business analysis and incident investigation responsibilities.
General Description The IT Cyber Security Compliance Consultant (Level 2) is responsible for creating and maintaining cyber security standards and guidelines. This role includes working collaboratively with service providers and security administrators to support compliance sustainment activities, such as IT audits, to ensure alignment with cyber security regulations, industry standards, and internal policies.
Experience And Role Accountabilities
- Minimum of five (5) years of experience in Information Technology, with at least three (3) years focused in cyber security or equivalent.
- Collaborate with service providers and security teams to support compliance sustainment activities, such as audits and evidence collection, ensuring adherence to security regulations and internal policies.
- Review compliance evidence documentation in coordination with policy subject matter experts, cybersecurity and safety teams, and emergency management stakeholders, ensuring completion and quality of compliance policies, procedures, and records.
- Conduct compliance impact assessments for IT projects, advising project managers on best practices and required actions to maintain security standards.
- Identify potential cyber security risks by performing vulnerability assessments, monitoring external events, and reviewing system logs to support contingency planning.
- Analyze test results and recommend remediation solutions by validating security configurations and assessing the impact of vulnerabilities across systems and infrastructure.
Education and Skills
-
Bachelor's degree or technical diploma in Computer Science, Information Security, or a related discipline.
-
Certification in at least one of the following areas (considered an asset):
-
Certified Information Systems Security Professional (CISSP)
-
Certified in Risk and Information Systems Control (CRISC)
-
Certified Information Systems Auditor (CISA)
-
Certified Information Security Manager (CISM)
-
Strong knowledge of IT compliance audit processes and technical concepts, including but not limited to:
-
Internet policy enforcement
-
Network architecture
-
Active Directory
-
Log management and monitoring
-
Vulnerability scanning and penetration testing
-
Configuration and asset management
-
Encryption, authentication, and web content filtering
-
Physical security in IT contexts
-
Familiarity with industry standards and frameworks:
-
ISO 27001/2
-
NIST (National Institute of Standards and Technology)
-
Freedom of Information and Protection of Privacy legislation (e.g., BC FIPPA)
-
NERC CIP (North American Electric Reliability Corporation – Critical Infrastructure Protection)
-
COBIT (Control Objectives for Information and Related Technologies)
-
Ability to obtain security clearance for a Security Sensitive Position.
-
Excellent communication skills, both written and verbal.
Work Assignment Requirements
- Collaborate with business units across the organization to implement CIP practices, support development and execution of mitigation and management action plans, and drive continuous improvement and regulatory alignment.
- Work with subject matter experts to design and implement updates to CIP-related policies, procedures, controls, and job aids based on outcomes from mitigation plans, investigations, and process reviews.
- Conduct investigations into non-compliance incidents under established frameworks, applying root cause analysis and contributing to mitigation plan development from an enterprise-wide perspective.
- Provide technical writing support on documentation related to incidents, including but not limited to: mitigation plans, extent of condition reports, and root cause analysis documentation.
Must Haves
- Experience with project management and process improvement
- Experience with NERC CIP or cyber security
- Excellent facilitation and communication skills
Nice To Haves
- Change management experience
- Technical Writing experience
- Incident/ Violation Investigation experience
Note: this is an opportunity with a Microserve client.
About Microserve
Microserve is an IT solutions company rooted in a philosophy of long-term partnerships and continuous innovation. Our outstanding team has delivered IT solutions to clients across BC and Alberta for over 35 years. Based in Burnaby BC, Microserve also holds branches in Victoria, Edmonton, and Calgary in addition to service networks across both provinces.
Since 1987 businesses have trusted Microserve for extensive experience and expertise in providing IT solutions across BC and Alberta, a commitment to excellence in all of our service offerings ensuring only the highest level of quality and client satisfaction, and a focus on relationships and dedication to supporting the long-term best interests of our clients. We are committed to excellence in everything that we do. This commitment to maintaining a high level of expertise in the constantly changing IT industry and to developing long-term relationships has allowed us to establish and maintain a strong market position as one of the largest independent IT solution providers in Western Canada.
We provide services in: Managed Services, IT Security Services, Modern Workplace, Data Centre, Backup & Disaster Recovery, Audio Visual Solutions, Cloud Services, IT Staffing, Projects & IT Consulting, IT Procurement, End User Computing, Managed Print Services