Incident Response and threat intelligence specialist

Date: Jun 28, 2024

Location: Bethpage, NY, US

Company: PSEG

Requisition: 78397

PSEG Company: PSEG Long Island    

Salary Range: $ 101,600 - $ 160,900 

Incentive: PIP 15%   

Work Location Category: Remote Local  


PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.

PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.

Job Summary

This position is an experienced, senior level, hands-on technical lead, performing cyber security incident response functions and maintaining systems, while providing technical guidance to the team.  Reporting to the Security Ops and Incident Response lead. The Incident Response and threat intelligence specialist will be responsible for incident response and proactive cyber threat hunting. This role will be responsible to conduct in-depth investigations, contextualize incidents with PSEG Long Island-internal information, and drive containment and response actions with PSEG IT teams. Will provide technical leadership and direction during the duration of a security incident, leveraging all available detection and response tool suites within PSEG, including SIEM, EDR/XDR, email security, DNS filtering, and network security appliances, to analyze malicious artifacts and assist with forensic investigations.

Job Responsibilities

Responsibilities include:
-    Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support
-    Provides after-hours support as needed for response activities
-    Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner
-    Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies
-    Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, , and other security technologies
-    Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques
-    Proposes and helps review security plans and policies to improve environmental security
-    Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program
-    Produces and distributes operational and tactical threat intelligence reports
-    Other duties may be assigned as needed to address new security threats facing the enterprise
-    Assists in the investigation and resolution of security events and incidents
-    Perform security event correlation, triage, and analysis
-    Apply security Threat Intelligence while responding to and investigating security events or Incidents
-    Develop Self and/or Others: Planning and supporting the development of knowledge, skills, and abilities to fulfil current or future job responsibilities more effectively
-    Champion Change: Actively engaging and supporting change and innovation by communicating the future-state, trying new approaches, and collaborating with others to make the change successful
-    Build Relationships: Building, leveraging, and maintaining relationships within and across work groups. 
-    Leads and manages information security technologies
-    Provides technical expertise in threat/risk assessments
-    Defines, designs, and implements strategies to protect against emerging threats using security tools
-    Responds to security incidents
-    Performs security reviews on new technologies and changes to existing technologies

Job Specific Qualifications

Required Qualifications:

•    Bachelors degree and 6 years of relevant cyber security experience
•    In lieu of a degree 10 years of cyber experience
•    Experience leveraging information security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control as it relates to responding to cyber incidents.
•    Ability to provide technical expertise and support to clients, IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
•    Must demonstrate strong incident response and threat analysis experience, including leveraging SIEM technology.  
•    Experience in defining processes and procedures for incident response.  
•    Demonstrated ability to follow cyber security news and alerts in order to understand complex attack vectors and risks including the ability to identify and evaluate emergent cyber security threats and vulnerabilities. 
•    Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
•    Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis
•    Experience with cloud computing and can implement strong security to protect cloud environment.
•    Experience designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
•    Must be able to work independently with little or no supervision.
•    Experience working in a team environment, with experience teaching and learning from other team members.
•    Ability to foster working relationships with the team, IT Management and Client departments.
•    Ability to explain technical concepts to the business users in the context of business requirements.
•    Experience leading, organizing, and resolving responses to cyber incidents.
•    Experience communicating effectively with both technical and non-technical individuals.

Desired Qualifications:
•    Industry Security certifications such as SANS, CISSP, etc.

Minimum Years of Experience

Data Needed



None Noted


Certain positions at the Company may require you to have access to Part 810-Controlled Information.  Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information.  Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.  If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.

PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.


As an employee of PSEG you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.


For all roles, PSEG’s drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing. For employees in federally regulated roles (including positions covered by USDOT, PHMSA, or NRC regulations), this also includes random testing. Although numerous states throughout the country have legalized marijuana/cannabis products recreationally and/or medically, it is prohibited for employees in federally regulated roles. Employees who are hired or transfer into a federally regulated role are subject to drug and alcohol testing, inclusive of marijuana. Please note that the use of CBD products may result in a positive drug test for THC/Marijuana and such use is not a legitimate medical explanation for such a positive result.


PSEG employees must apply for jobs internally through emPower which can be accessed through by clicking on the emPower icon, then selecting careers. This site (PSEG Careers and Job Openings) is strictly for candidates who are not currently PSEG employees, with the exception of PSEG employees who do not have company email addresses.

PSEG is committed to providing reasonable accommodations to individuals with disabilities. If you have a disability and need assistance applying for a position, please call 973-430-3845 or email

If you need to request a reasonable accommodation to perform the essential functions of the job, email Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.


Know your Rights: Workplace Discrimination is Illegal

Pay Transparency Nondiscrimination Provision

Nearest Major Market: New York City

Job Segment: Cloud, Testing, Developer, Sharepoint, Recruiting, Technology, Human Resources