Loading...
 
Share this Job

Cyber Security Analyst-CEII

Date: Nov 17, 2021

Location: Newark, NJ, US

Company: PSEG

Requisition ID:  68301 

 

Job Function/Category:  Information Technology 

 

Employment Type:  Exempt Full Time 

 

This is an exciting time to be joining PSEG. Our commitments, which include safety, integrity, customer focus, and diversity & inclusion, are the fabric of our culture and help drive the success of our business. We are fortunate to have an outstanding workforce of diverse and highly skilled talent who move us forward in our operational excellence journey.  PSEG has more than 12,000 employees who are dedicated to the communities we serve and embody our vision: People providing Safe, Reliable, Economic and Greener Energy.

 

Consistent with our core commitment of safety, PSEG has made the decision to require all new hires to be fully COVID-19 vaccinated as a condition of employment.  "Fully vaccination" is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered.   Anyone unable to be vaccinated, either because of a sincerely held religious belief or a disability can request a reasonable accommodation.

 

Job Summary

This position is an experienced, hands-on technical lead responsible for managing programs, policies, and procedures relating to the operation of the enterprise wide vendor risk management program. This role will support third party risk management through new vendor reviews and periodic reviews efforts. 

As part of the cybersecurity team, the selected candidate will be responsible for, execution and oversight of a cybersecurity vendor risk management process.
•    As part of this work, the individual will be tasked with ensuring suppliers remains in compliance with cybersecurity requirements and industry best practices.
•    Track and monitor the status of each due diligence review and communicate the status with key stakeholders on a regular basis.
•    This position will also play a key cybersecurity role in continuous improvement of procurement process related to cybersecurity concerns.

Job Responsibilities

•    Communicating with internal departments such as lines of business/business units, internal audit, senior management and more to answer vendor questions and oversee tasks
•    Maintaining a database of pertinent risk information pertaining to vendor, and communicating this data via consistent reporting to senior leadership, pertinent stakeholders 
•    Facilitating vendor selection and contract negotiation processes
•    Maintain central repository of vendor risk assessment conducted, including artifacts and supporting documentation. 
•    Participate in Procurement Request for Proposals to provide GRC insight. 
•    Participate and maintain documentation in support of audit reviews to ensure vendor risk process complies. 
•    Serve as subject matter expert to identify and address key vendor related risks and areas of concern associated with new and existing third parties. 
•    Communicate identified risks to key stakeholders and establish remediation action plans, and track and monitor identified vendor risks to closure. 
•    Build effective relationships with stakeholders who own and support vendor relationships 
•    Develop and report on key risk metrics for the vendor risk management program 
•    Read and understand contractual agreements to ensure identified risks comply with the Company's policies and procedures, legal, and regulatory requirements
•    Vendor issues and concerns (e.g., oversight deficiencies, program concerns, and open risk items) are reported and escalated.
•    Maintain and mature cybersecurity vendor risk management tool in Service Now to deliver full vendor risk management assessments and tracking 

Job Specific Qualifications

  • Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering or related discipline.
  • Minimum of 3 years of experience in a vendor/risk management role.
  • In lieu of a bachelor's degree, must have a minimum of 7 years of experience in a vendor/risk management role
  • Experience with Governance Risk & Compliance (GRC) tools in the area of third party risk management, requirements documentation etc. 
  • Prior experience with technical business applications, knowledge of IT infrastructure and IT risks and controls. 
  • Experience with Service Now, Vendor Risk Management (VRM) tool and how to develop requirements for improvements. 
  • Demonstrated excellent verbal and written communication skills including presentation and facilitate group meetings. 

Desired:

•    Demonstrated experience preparing, coordinating, executing and /or managing vendor programs in collaboration with stakeholders and various lines of business strongly preferred
•    ISC2 Certified Information Systems Security Professional (CISSP), or equivalent 
•    Certifications in one or more areas or willingness to obtain: CISSP, a GIAC certification (GSEC, GCIH, or other), CEH, ECSA, CompTIA Security+, or comparable
•    Technical or policy experience specific to Cybersecurity. 
•    Technical or related certifications.

Minimum Years of Experience

4 years of experience

Education

Certifications

None Noted

Disclaimer

Certain positions at the Company may require you to have access to Part 810-Controlled Information.  Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information.  Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.  If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.

As an employee of PSE&G or PSEG Long Island, you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.

 

This site (http://www.pseg.com) is strictly for candidates who are not currently PSEG employees. PSEG employees must apply for jobs internally through empower which can be accessed through the mypseg homepage by clicking on the employee center tab, then under the empower header, choose careers.

 

Business needs may cause PSEG to cancel or delay filling position at any time during the selection process.

 

Certain positions at the Company may require you to have access to Part 810-Controlled Information.  Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information.  Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.  If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.

 

Consistent with our core commitment of safety, PSEG has made the decision to require all new hires to be fully COVID-19 vaccinated as a condition of employment.  "Fully vaccination" is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered.   Anyone unable to be vaccinated, either because of a sincerely held religious belief or a disability can request a reasonable accommodation.

 

Public Service Enterprise Group (PSEG) is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legal protected characteristic. Legally protected characteristics included, race, color, religion, national origin, sex, age, marital status, sexual orientation, disability, or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.

 

Need to request an accommodation?  If you have a disability and need assistance submitting your resume, applying for a position or registering for a test, please call 973-430-3845. Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.


Nearest Major Market: Newark
Nearest Secondary Market: New York City

Job Segment: Engineer, Law, Risk Management, Information Systems, Compliance, Engineering, Legal, Finance, Technology