PSEG
Data Security - Senior Cyber Security Analyst
PSEG, Bethpage, New York, United States, 11714
Data Security - Senior Cyber Security Analyst
This position is an experienced, senior level, hands-on technical lead, performing IT security functions and maintaining systems, while providing technical guidance to the team. Protects PSEG’s sensitive data to reduce the risk of data exfiltration and misuse. This engineering resource collaborates with Cyber Governance & risk to integrate technical data protection mechanisms. This individual ensures data security best practices and organizational objectives are aligned and implements controls to continuously monitor and improve elements such as data classification, data protection, data encryption (at rest & in motion).Job Responsibilities
Include but are not limited to:Coordinate with stakeholders to develop a data protection roadmap to ensure sufficient technical controls to secure PSEG’s data.Implement defined data security requirements and specifications.Implement and improve data monitoring capabilities as part of a data security program to improve visibility and protect PSEG LI’s data from malicious attacks.Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities on PSEG’s Data.Actively detect and prevent unauthorized egress of PSEG data.Improve technology to automate and enhance data security capabilities.Support the development and maintenance of data security technologies.Ensure technical controls allow for appropriate data security capabilities including classification, discovery, and business functions to secure all data at rest and in transit.Job Specific Qualifications
Required Qualifications:Bachelor's degree and 6 years of relevant cyber security experience
In lieu of a degree, 10 years of cyber experience.
Experience managing information security technologies such as IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response.Demonstrated strong understanding of encryption protocols, including TLS 1.3.Demonstrated strong familiarity with data privacy and relevant regulations, standards, and guidelines, such as GDPR, CCPA, ISO 27001, NIST CSF, and other industry-specific regulations.Technical experience includes: information/data/network/computer security design, administration, and/or assessment.Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware, and operating systems.Experience providing technical expertise and support to clients, IT management, and staff in cybersecurity threat risk assessments, development, testing, and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize, or quickly recover from cyber-attacks or other serious events.Demonstrated ability to follow cybersecurity news and alerts in order to understand complex attack vectors and risks including the ability to identify and evaluate emergent cybersecurity threats and vulnerabilities.Experience designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.Ability to review complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.Must be able to work independently with little or no supervision.Experience working in a team environment, with experience teaching and learning from other team members.Ability to foster working relationships with the team, IT Management, and Client departments.Ability to explain technical concepts to business users in the context of business requirements.Demonstrated ability to communicate effectively with both technical and non-technical individuals.Desired Qualifications:ISC2 Certified Information Systems Security Professional (CISSP) or equivalent.Programming experience in Python.Minimum Years of Experience
6 years of experience.Disclaimer
Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic.
#J-18808-Ljbffr
This position is an experienced, senior level, hands-on technical lead, performing IT security functions and maintaining systems, while providing technical guidance to the team. Protects PSEG’s sensitive data to reduce the risk of data exfiltration and misuse. This engineering resource collaborates with Cyber Governance & risk to integrate technical data protection mechanisms. This individual ensures data security best practices and organizational objectives are aligned and implements controls to continuously monitor and improve elements such as data classification, data protection, data encryption (at rest & in motion).Job Responsibilities
Include but are not limited to:Coordinate with stakeholders to develop a data protection roadmap to ensure sufficient technical controls to secure PSEG’s data.Implement defined data security requirements and specifications.Implement and improve data monitoring capabilities as part of a data security program to improve visibility and protect PSEG LI’s data from malicious attacks.Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities on PSEG’s Data.Actively detect and prevent unauthorized egress of PSEG data.Improve technology to automate and enhance data security capabilities.Support the development and maintenance of data security technologies.Ensure technical controls allow for appropriate data security capabilities including classification, discovery, and business functions to secure all data at rest and in transit.Job Specific Qualifications
Required Qualifications:Bachelor's degree and 6 years of relevant cyber security experience
In lieu of a degree, 10 years of cyber experience.
Experience managing information security technologies such as IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response.Demonstrated strong understanding of encryption protocols, including TLS 1.3.Demonstrated strong familiarity with data privacy and relevant regulations, standards, and guidelines, such as GDPR, CCPA, ISO 27001, NIST CSF, and other industry-specific regulations.Technical experience includes: information/data/network/computer security design, administration, and/or assessment.Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware, and operating systems.Experience providing technical expertise and support to clients, IT management, and staff in cybersecurity threat risk assessments, development, testing, and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize, or quickly recover from cyber-attacks or other serious events.Demonstrated ability to follow cybersecurity news and alerts in order to understand complex attack vectors and risks including the ability to identify and evaluate emergent cybersecurity threats and vulnerabilities.Experience designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.Ability to review complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.Must be able to work independently with little or no supervision.Experience working in a team environment, with experience teaching and learning from other team members.Ability to foster working relationships with the team, IT Management, and Client departments.Ability to explain technical concepts to business users in the context of business requirements.Demonstrated ability to communicate effectively with both technical and non-technical individuals.Desired Qualifications:ISC2 Certified Information Systems Security Professional (CISSP) or equivalent.Programming experience in Python.Minimum Years of Experience
6 years of experience.Disclaimer
Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made.PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic.
#J-18808-Ljbffr