Cyber and Information Security Analyst - Cyber Security & TSOC

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Engineering, Corporate Compliance, or a related discipline preferred. 
• A bachelor’s degree in another field with relevant cyber security, compliance, or regulated‑industry experience will be considered.
• Ability to communicate complex and technical issues clearly, accurately, and professionally to diverse audiences.
• Strong organizational skills with the ability to manage multiple priorities simultaneously.
• Commitment to ethical conduct, diligence, and accountability for results.

Nice To Haves

• Experience working in a regulated environment (electric utility, energy, critical infrastructure, or similar) preferred.
• Prior experience supporting compliance audits or regulatory reviews is a plus.
• Working knowledge of NERC CIP Standards and cyber security governance frameworks (e.g., NIST, ISO) preferred.
• Experience with GRC platforms and compliance tools.
• Demonstrated ability to influence stakeholders, resolve compliance challenges collaboratively, and drive continuous improvement.

Responsibilities

• Serve as a trusted subject matter expert (SME) for cyber security compliance requirements, providing clear, accurate, and ethical guidance to Cyber Security, IT, OT, and business units.
• Support FirstEnergy’s compliance with NERC CIP Standards and state regulations, helping ensure the protection of BES Cyber Systems and the reliability of the Bulk Electric System.
• Interpret new and revised regulatory requirements and collaborate with stakeholders to implement compliant, risk‑informed solutions.
• Participate, as appropriate, in industry forums or standards development activities to responsibly represent FirstEnergy’s operational and regulatory interests.
• Identify, assess, and communicate cyber security compliance risks in a manner that supports informed, fact‑based business decisions.
• Support risk remediation, mitigation tracking, and exception management in alignment with FirstEnergy policies, standards, and governance frameworks.
• Translate technical findings and assessment data into clear risk statements and actionable compliance recommendations.
• Guide and oversee ongoing compliance activities across business units, including evidence collection, control validation, and sustainment practices.
• Support internal audits, regulatory audits, self‑certifications, and examinations by coordinating responses and ensuring high‑quality, defensible evidence.
• Promote efficient, repeatable compliance processes that reduce operational burden while maintaining regulatory rigor.
• Educate and engage stakeholders to improve understanding of cyber security compliance responsibilities and reinforce a strong compliance culture.
• Develop and deliver professional communications, training materials, reports, and presentations tailored to both technical and non‑technical audiences.
• Build effective working relationships across organizational boundaries and influence outcomes through expertise, credibility, and collaboration.

Benefits

• employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement.