IT Sr Security Analyst – NIST CSF
Company Name: PSEG
Company Location: Newark, NJ, US
Requisition ID: 64645
Job Function/Category: Information Technology
Employment Type: Exempt Full Time
This is an exciting time to be joining PSEG. Our commitments, which include safety, integrity, customer focus, and diversity & inclusion, are the fabric of our culture and help drive the success of our business. We are fortunate to have an outstanding workforce of diverse and highly skilled talent who move us forward in our operational excellence journey. PSEG has more than 12,000 employees who are dedicated to the communities we serve and embody our vision: People providing Safe, Reliable, Economic and Greener Energy.
- Provides technical expertise in threat/risk assessments
- Maintains cyber policies, regulations, and compliance documents
- Performs security reviews on new technologies and changes to existing technologies
- Analyses operational reports and proposes remediation actions
- Supports audit and penetration testing operations
Job Specific Qualifications
- Bachelor’s degree in STEM, Computer Science, Information Systems or Cyber Security
- 6 or more years of experience in Information Security.
- Ensure that the application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment.
- Manage and/or assist with protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
- Maintain open lines of communication and provide timely and relevant cybersecurity threat intelligence, situational awareness reports, and strategic, tactical and operational best practice guidance to internal and external partners.
- Identify and recommend cybersecurity hardening measures and procedures within the organization and across the enterprise in consultation with relevant stakeholders.
- Participate in industry groups such as EI-ISAC, MS-ISAC, US-CERT, DHS, FBI, NJSP, and other industry peers and partners to gain and understand security threats and intelligence.
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
- Experience with cloud computing and can implement strong security to protect cloud first environment.
- Works independently with little or no supervision.
- Excellent oral and written communication skills.
- Excellent leadership, technical teamwork, and interpersonal skills.
- Willing to work in strong team environment, constantly teaching and learning from other team members.
- Ability to foster working relationships with the team, IT Management and Client departments.
- Ability to explain technical concepts to the business users in the context of business requirements.
- Technical experience includes: information / data / network / computer security design, administration and/or assessment.
- Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
- Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
- Leadership, planning and organizing, results orientation, technical/professional knowledge.
- Excellent interpersonal, organizational, managerial, financial management and leadership skills.
- Communicates effectively with both technical and non-technical individuals.
- Maintains a solid working knowledge of Information Security principles and practices
- Please Note the Following
- Approximately 5% Travel required
- NERC CIP position, requires NERC CIP background investigation prior to start
- ISC2 Certified Information Systems Security Professional (CISSP), or equivalent
- At least 5 years’ experience as a Cyber Security Engineer, or comparable role.
- Certifications in one or more areas or willingness to obtain: CISSP, a GIAC certification (GSEC, GCIH, or other), CEH,ECSA, CompTIA Security+, or comparable.
- Experience with NIST Cybersecurity Framework
Minimum Years Of Experience
6 years of experience
Need Security Training?
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants