Job Summary
We are looking for talent IT professionals to join our IT Security Risk and Compliance team (ITSRC). This is a hands-on technical position with some experience performing cyber security functions and maintaining security systems across the operational business segments. Responsible for assisting the Manager Operational Technology (OT) Security to secure PSEG's OT systems and environments that includes Industrial Control Systems in Electric Transmission and Distribution, Gas, Power Operations, and Nuclear and the associated networks and communications. Must have an understanding of principles of networking, servers, endpoints and system integration. Understanding of security standards for Industrial Control Systems is desirable.
Job Responsibilities
Responsibilities include:
Follows cyber security news and alerts, understands attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities. Investigates and recommends appropriate corrective actions for information security incidents.
Collaborate with owners of security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, configuration management, privileged identify management, etc. to ensure that all assets in the OT environments are being managed.
Assists with key stakeholders to scope and perform regular vulnerability assessments to evaluate cyber risks to the OT environment.
Reviews simple OT architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations to ensure protection of critical Industrial Control Systems (ICS).
Manages vendors who provide OT cybersecurity technical support.
Responsible for training and assisting technical staff in cybersecurity techniques and applications.
Responsible for hardening OT devices in coordination with the OT teams and IT.
Job Specific Qualifications
Required:
- Bachelor's degree in Information Systems, Computer Science, Information/Computer Security, Engineering or a related technical discipline i.e. STEM.
- Level of experience required ranges from 1 to 4 years of relevant experience within the IT field or an industry with reliance on technical expertise.
- Overall strong technical proficiency in information technology/computer disciplines.
- Strong MS Office skills (i.e. Excel, Word, PowerPoint and Access)
- Programming Experience working with or related coursework .NET, HTML, SQL, Java, Java scripting, Ajax, NODE.JS, JQuery, REST API's, Angular or Object Oriented Design,
- Self-starting with the demonstrated ability to learn new technical concepts quickly.
- Detail oriented and demonstrated strong analytical and problem solving skills.
- Good written and oral communication skills.
- Good interpersonal skills and the ability to work effectively with clients, IT management and staff.
- Candidate must foster an inclusive work environment and respect all aspects of diversity. Successful candidate must demonstrate and value differences in others' strengths, perspectives, approaches, and personal choices.
Desired:
- CompTIA Security+ or equivalent (for Grades 25 and 26)
- (ISC)2 Certified Information Systems Security Professional (CISSP), SANS Global Industrial Cyber Security Professional (GICSP), or equivalent (for Grade 27)
- Provides technical guidance of the administration of security tools that control and monitor OT security
- Knowledgeable with the implementation of NIST Cyber Security Framework (CSF), North American Electric Reliability
- Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
- Knowledgeable of IT/OT technologies and utility industry experience preferred with an awareness of utility specific security threats
- Familiar with cloud computing and security standards for cloud first environment
- Knowledgeable of programming in Python or other scripting language
Public Service Enterprise Group (PSEG)
80 Park Plaza P.O. Box 570
Newark
New Jersey United States
www.pseg.com
