Supervisor Cyber Assessment & Vulnerability Mgt PSEG LI - Public Service Enterprise Group
Bethpage, NY 11714
About the Job
Requisition: 78529 PSEG Company: PSEG Long Island Salary Range: $ 114,500 - $ 188,100 Incentive: PIP 15% Work Location Category: Remote Local PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow
In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.We want you to be healthy, balanced, and feel secure
That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health
Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs
We also offer 401(k) with company match, company paid life insurance, tuition reimbursement and a minimum of 18 days of paid time off per year.PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business
Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG
Job SummaryThis position leads Information Security staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the IT security policies and procedures to promote secure and uninterrupted operation of all IT systems, application and infrastructure
In this role, you will be responsible for proactively identifying, prioritizing, and tracking security vulnerabilities across the PSEG’s network and systems
You will also be responsible for conducting security assessments, running penetration tests, review Cyber threat intelligence and provide relevant data to parties to action upon
This role will perform red team exercises mimicking adversary practices while leveraging similar tools and techniques
To be successful in this role you must have a broad understanding of information security and experience in vulnerability management, and cyber exploitation techniques
You must also possess excellent problem-solving and communication skills.Job ResponsibilitiesCyber Assessment & Vulnerability Management lead is responsible for the overall lifecycle of the Cyber Assessment & Vulnerability Management program.Inform, advise, and partner with IT, Security, and other business units to help better secure their operations.Identify gaps in current processes, workflows, and design and recommend changes or enhancements as needed.Participate in Change Management Process, from early Assessment of proposed changes/enhancements, through Vulnerability scanning and recommended remediation before go-live.Participate in incident response activities as needed
Ensure cross-company processes around threat & vulnerability management are adhered to
This includes tracking SLAs, discovery, and handling of any finding
Maintain situational awareness, identification, tracking, and ensuring action on industry news related to software vulnerabilities, including zero-day vulnerabilities and emergency patching.Implement and operationalize advanced Vulnerability Management reporting tools
Design, develop and operationalize Vulnerability Management metrics
Design and Implement advanced Vulnerability dashboards.Evaluate performance, perform career development, coaching and counseling and manage compensation for Cyber assessment staff.Responsible for conducting security assessments & penetration tests
Review Cyber threat intelligence and ensures and provide relevant data to parties within the Cyber Assessment & Vulnerability management teams to action upon
Oversee regular red team exercises to proactively emulate attackers TTP and report back findings so security engineering and operations can improve their defenses.Create, perform tabletop exercises exercising mimicking adversary practices testing PSEG LI’s ability to respond to cyber incidents.Job Specific QualificationsRequiredBachelors degree and 8 years of relevant cyber security experienceIn lieu of a degree 12 years of cyber experienceExperience within vulnerability/compliance management, penetration testing, and/or threat huntingStrong leadership and influence skillsAbility to present to all levels of management and executive leadershipExcellent teamwork, facilitation, relationship building, and negotiation skillsAble to maintain positive working relationships both leading and as part of a teamEffective time management skills and able to multitask effectivelyAble to communicate effectively with both technical and non-technical individualsDesiredCertified Information Systems Security Professional (CISSP), or equivalentMinimum Years of Experience8 years of experienceEducationBachelorsCertificationsDisclaimerCertain positions at the Company may require you to have access to Part 810-Controlled Information
Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information
Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made
If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic
Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.As an employee of PSEG you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.For all roles, PSEG’s drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing
For employees in federally regulated roles (including positions covered by USDOT, PHMSA, or NRC regulations), this also includes random testing
Although numerous states throughout the country have legalized marijuana/cannabis products recreationally and/or medically, it is prohibited for employees in federally regulated roles
Employees who are hired or transfer into a federally regulated role are subject to drug and alcohol testing, inclusive of marijuana
Please note that the use of CBD products may result in a positive drug test for THC/Marijuana and such use is not a legitimate medical explanation for such a positive result.PSEG employees must apply for jobs internally through emPower which can be accessed through sharepoint.pseg.com by clicking on the emPower icon, then selecting careers. This site (PSEG Careers and Job Openings) is strictly for candidates who are not currently PSEG employees, with the exception of PSEG employees who do not have company email addresses.PSEG is committed to providing reasonable accommodations to individuals with disabilities
If you have a disability and need assistance applying for a position, please call
Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.ADDITIONAL EEO/AA INFORMATION (Click link below)Know your Rights: Workplace Discrimination is IllegalPay Transparency Nondiscrimination Provision
In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.We want you to be healthy, balanced, and feel secure
That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health
Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs
We also offer 401(k) with company match, company paid life insurance, tuition reimbursement and a minimum of 18 days of paid time off per year.PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business
Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG
Job SummaryThis position leads Information Security staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the IT security policies and procedures to promote secure and uninterrupted operation of all IT systems, application and infrastructure
In this role, you will be responsible for proactively identifying, prioritizing, and tracking security vulnerabilities across the PSEG’s network and systems
You will also be responsible for conducting security assessments, running penetration tests, review Cyber threat intelligence and provide relevant data to parties to action upon
This role will perform red team exercises mimicking adversary practices while leveraging similar tools and techniques
To be successful in this role you must have a broad understanding of information security and experience in vulnerability management, and cyber exploitation techniques
You must also possess excellent problem-solving and communication skills.Job ResponsibilitiesCyber Assessment & Vulnerability Management lead is responsible for the overall lifecycle of the Cyber Assessment & Vulnerability Management program.Inform, advise, and partner with IT, Security, and other business units to help better secure their operations.Identify gaps in current processes, workflows, and design and recommend changes or enhancements as needed.Participate in Change Management Process, from early Assessment of proposed changes/enhancements, through Vulnerability scanning and recommended remediation before go-live.Participate in incident response activities as needed
Ensure cross-company processes around threat & vulnerability management are adhered to
This includes tracking SLAs, discovery, and handling of any finding
Maintain situational awareness, identification, tracking, and ensuring action on industry news related to software vulnerabilities, including zero-day vulnerabilities and emergency patching.Implement and operationalize advanced Vulnerability Management reporting tools
Design, develop and operationalize Vulnerability Management metrics
Design and Implement advanced Vulnerability dashboards.Evaluate performance, perform career development, coaching and counseling and manage compensation for Cyber assessment staff.Responsible for conducting security assessments & penetration tests
Review Cyber threat intelligence and ensures and provide relevant data to parties within the Cyber Assessment & Vulnerability management teams to action upon
Oversee regular red team exercises to proactively emulate attackers TTP and report back findings so security engineering and operations can improve their defenses.Create, perform tabletop exercises exercising mimicking adversary practices testing PSEG LI’s ability to respond to cyber incidents.Job Specific QualificationsRequiredBachelors degree and 8 years of relevant cyber security experienceIn lieu of a degree 12 years of cyber experienceExperience within vulnerability/compliance management, penetration testing, and/or threat huntingStrong leadership and influence skillsAbility to present to all levels of management and executive leadershipExcellent teamwork, facilitation, relationship building, and negotiation skillsAble to maintain positive working relationships both leading and as part of a teamEffective time management skills and able to multitask effectivelyAble to communicate effectively with both technical and non-technical individualsDesiredCertified Information Systems Security Professional (CISSP), or equivalentMinimum Years of Experience8 years of experienceEducationBachelorsCertificationsDisclaimerCertain positions at the Company may require you to have access to Part 810-Controlled Information
Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information
Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made
If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic
Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.As an employee of PSEG you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.For all roles, PSEG’s drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing
For employees in federally regulated roles (including positions covered by USDOT, PHMSA, or NRC regulations), this also includes random testing
Although numerous states throughout the country have legalized marijuana/cannabis products recreationally and/or medically, it is prohibited for employees in federally regulated roles
Employees who are hired or transfer into a federally regulated role are subject to drug and alcohol testing, inclusive of marijuana
Please note that the use of CBD products may result in a positive drug test for THC/Marijuana and such use is not a legitimate medical explanation for such a positive result.PSEG employees must apply for jobs internally through emPower which can be accessed through sharepoint.pseg.com by clicking on the emPower icon, then selecting careers. This site (PSEG Careers and Job Openings) is strictly for candidates who are not currently PSEG employees, with the exception of PSEG employees who do not have company email addresses.PSEG is committed to providing reasonable accommodations to individuals with disabilities
If you have a disability and need assistance applying for a position, please call
973-430-3845
or email accommodations@pseg.com.If
you need to request a reasonable accommodation to perform the essential functions of the job, email accommodations@pseg.com
Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.ADDITIONAL EEO/AA INFORMATION (Click link below)Know your Rights: Workplace Discrimination is IllegalPay Transparency Nondiscrimination Provision
Source : Public Service Enterprise Group