Lisa Grumbine

Senior Security Consultant

Ms. Grumbine has over 20 years of experience in the electric utility industry in the areas of EMS/Scada application development and cyber security.  She has combined this operational experience and expertise to address the compliance commitments in this industry, including NERC CIP and Sarbanes-Oxley.   She joined NST in 2018.  

Ms. Grumbine has worked in the NERC compliance beginning with CIP Version 3.  She has extensive operational and implementation experience with NERC CIP (V5) standards, working with utilities to build their compliance programs from the ground up for Low, Medium and High Impact systems.   

She has a unique perspective of how to distill cyber security and compliance needs into concrete steps that a utility can use to maintain system security, collect compliance evidence while maintaining system security and reliability.  She is skilled in taking abstract requirements and turning them into concrete and understandable procedures and processes to produce consistent compliance evidence.   

Ms. Grumbine is CISSP certified with an extensive breadth of expertise in NERC CIP compliance, including:   

  • NERC CIP Standards (V3 and up)   
  • Compliance Programs   
  • Control Center Operations, EMS and SCADA   
  • Vulnerability Assessments   
  • Risk Mitigation   
  • Baseline Management   
  • Policy, Procedure and Operations documents: development and updating   
  • Evidence collection and audit preparation   

Earlier in Career   

Previously, Ms. Grumbine worked at a Private Liberal Arts College as Associate Director of Administrative Computing. During her tenure, she was System Administrator, Application Developer and Database Administrator responsible for keeping the business IT system of the College operational and secure.   


Ms. Grumbine received a Bachelor of Science degree in Computer Science from Indiana University of Pennsylvania and holds the Certified Information Systems Security Professional (CISSP) certification.