Jennifer DeitzSenior Security Consultant
Jennifer Deitz has been working in the utility industry since 2011, providing NERC Compliance support for utilities in the Generation and Transmission environment. Ms. Deitz has specialized in overall Program Compliance approaches, including the development and revisions of compliance documentation and training modules, assistance with self-certifications, participation in NERC CIP and 693 audits, mitigation planning, and supporting spot checks for compliance.
Since joining N&ST in 2018, Ms. Deitz has assisted clients with Mock Audits, documentation revisions and creation in preparation for CIP-003-7/8, and overall compliance program assessments and gap analysis.
Ms. Deitz’s career began in the pharmaceutical industry, working at four of the top ten pharmaceutical companies in the world. She has held positions in Vaccine Sales and Support, Compliance and Inspections, and Manufacturing Supervisor, focusing on quality control and compliance documentation.
Ms. Deitz began working in the utility industry in 2011 as a Compliance Specialist, supporting Generation and Transmission with NERC CIP Compliance, later becoming a lead on the Protection and Control Standards, particularly PRC-005. Ms. Deitz was responsible for compliance documentation creation and revisions, compiling, checking, and storing compliance evidence, RSAW creation, quarterly submissions to Regional Entities for PRC data, and maintaining the asset inventory database for Generation, and ensuring proper reporting of CIP-002 reports.
Ms. Deitz has been actively involved in NERC CIP and 693 audits, preparing data requests, SME audit preparation training, and creating mitigation plans as needed.
Most recently, Ms. Deitz was contracted at a medium size utility, creating IT documentation in support of the CIS Top 20 Cyber Security Controls. In this position, Ms. Deitz worked with IT SMEs to create processes and document them in the appropriate format. Highlights include creating a corporate policy for the IT documentation framework. This policy outlines the different type of documents (Policy, Procedure, Work Instructions, etc.) and when to use them. Along with this policy, is a work instruction on how to create good documentation and the steps for review/approval and storing documentation. Ms. Deitz also wrote the IT Risk Management program documents in support of the utility’s risk management process, which includes steps on identifying, assessing, and mitigating/remediating technology risks.
Ms. Deitz has a Bachelor of Science degree in General Science from Pennsylvania State University, with a focus on Computer Science and Statistics classes. Ms. Deitz completed the Project Management Boot Camp in July 2017 sponsored by PM Learning Solutions and has training in Six Sigma.