Cyber Security Analyst -GRC

Date: Apr 15, 2024

Location: Newark, NJ, US

Company: PSEG

Requisition: 76146

PSEG Company: PSEG Services Corp.    

Salary Range: $ 79,800 - $ 131,700 

Incentive: PIP 10%   

Work Location Category: Remote Local  


PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.

PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.

Job Summary

This position is an experienced level, hands-on technical lead, performing IT security functions and maintaining systems, while providing technical guidance to the team.  The GRC analyst will be responsible for leading the day to day cyber compliance, data governance, and cyber risk management functions. The role will include responsibility for defining, creating, and managing cyber and organizational policies and standards in support of legal and regulatory compliance needs as well as general cyber and organizational information security practices.
The analyst will participate in the implementation of GRC software solutions. Collaborate with stakeholders, business analysts, process leaders, and architects in interpreting requirements and configuring them into software platform. 

Job Responsibilities


  • Execute cybersecurity risk assessment and control attestation processes in GRC
  • Participate in the development and implementation of the system-wide risk management function of the information security program to ensure cyber security risks are identified and monitored.
  • Participate in  the system-wide information security compliance program, ensuring cyber activities, processes, and procedures meet defined requirements, policies and regulations.
  • Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure cyber security and compliance with relevant legislation and legal interpretation.
  • Work with Internal and External Auditors as appropriate on required security assessments and audits
  • Candidate should be able to provide GRC guidance and interpretation of rules, regulations, risks, and best practices.
  • Ability to trouble shoot, identify, analyze and mitigate GRC related risks in existing processes, policies and procedures
  • Review control effectiveness evidence to assess the quality and effectiveness of the implemented controls
  • Work with development teams to provide appropriate and effective remediation guidance for vulnerabilities discovered during various assessments
  • Document residual risk
  • Prepare and communicate operational metrics and trend analysis for the Cybersecurity Leadership Team

Job Specific Qualifications


  • Bachelor's degree in Computer Science, Information Systems, Cyber Security, Engineering, or related discipline (i.e. STEM) and minimum of 4 years of experience in Information Security.
  • In lieu of a degree, minimum of 8 years of experience in information security role.
  • Knowledge of information security risk management frameworks and compliance practices.
  • Knowledge of securing network technologies, client, and server operating systems.
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Excellent oral and written communication skills.
  • Excellent technical teamwork, and interpersonal skills.
  • Willing to work in strong team environment, constantly teaching and learning from other team members.
  • Ability to foster working relationships with the team, IT Management and Client departments.
  • Ability to explain technical concepts to the business users in the context of business requirements.
  • Technical experience includes: information / data / network / computer security design, administration and/or assessment.
  • Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
  • Ability to plan and organize, results orientation, technical/professional knowledge.
  • Approximately 5% Travel required
  • NERC CIP position, requires NERC CIP background investigation prior to start



  • Experience in Operational Technology (OT) Security is a plus
  • Experience performing cyber security risk assessments
  • ISC2 Certified Information Systems Security Professional (CISSP) or equivalent
  • Programming Experience in Python


Minimum Years of Experience

Data Needed
4 years of experience




None Noted


Certain positions at the Company may require you to have access to Part 810-Controlled Information.  Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information.  Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.  If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.

PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.


As an employee of PSEG you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.


PSEG’s drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing. For employees in federally regulated roles (including positions covered by USDOT, PHMSA, or NRC regulations), this also includes random testing. All drug and alcohol testing for federally regulated roles is inclusive of marijuana. Employees who transfer into a federally regulated role are subject to drug and alcohol testing, inclusive of marijuana.


PSEG employees must apply for jobs internally through emPower which can be accessed through by clicking on the emPower icon, then selecting careers. This site ( is strictly for candidates who are not currently PSEG employees, with the exception of PSEG employees who do not have company email addresses.


PSEG is committed to providing reasonable accommodations to individuals with disabilities. If you have a disability and need assistance applying for a position, please call 973-430-3845 or email

If you need to request a reasonable accommodation to perform the essential functions of the job, email Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.


Know your Rights: Workplace Discrimination is Illegal

Pay Transparency Nondiscrimination Provision

Nearest Major Market: Newark
Nearest Secondary Market: New York City

Job Segment: Testing, Compliance, Information Security, Environmental Engineering, Risk Management, Technology, Legal, Engineering, Finance