Director Cybersecurity Operations

PSEG•Newark, NJ

1d•Hybrid

About The Position

The Director, Cybersecurity Operations leads the development, implementation, and ongoing coordination of enterprise-wide cybersecurity operations, including Threat Engineering, Threat Detection, Cybersecurity Industry Threats Coordination, Endpoint Security, Network Security, Email Security, the Security Operations Center (SOC), Threat Analysis and Incident Response, Cybersecurity Logging & Monitoring, Vulnerability Management, Application Security, Data Security, Insider Trust, Threat Intelligence, and Cyber Threat Hunting. (S)he coordinates across all business lines, service departments, and external risk organizations (e.g. Law Enforcement, cross-sector cyber industry trade organizations) and peer energy companies. As PSEG’s senior leader responsible for cybersecurity operations, (s)he will also be responsible for defining and aligning cybersecurity policies, strategy, and standards, and for governing actual cybersecurity operations, including overseeing an internal SOC and manage service provider, and for maintaining an Incident Response program to ensure appropriate responses to cybersecurity incidents. During an incident, (s)he will be designed as lead cyber incident commander and will be responsible for the containment, eradication, and recovery, as applicable. (S)he will be responsible for multiple discrete projects/enhancements to build, maintain, and mature capabilities, including people, processes, and technologies. (S)he will engage across the entire IT, OT, and managed services landscapes, including leading a team across these environments. (S)he will spend his/her time Stopping/mitigating complex attacks, including making emergency decisions in response to active attacks outside of routine technology processes. Executing on key operational decisions with potentially high impact affecting attacks and threats facing PSEG (e.g. spam/malware campaigns, criminal operations). Ensuring the planning, development, implementation, and maintenance of our SOC, including partnering directly with stakeholders as a multi-disciplined team to design/deploy strategies and solutions across a variety of vendor platforms. Acting as a SOC thought leader, consistently researching new ways to improve operations and strategy. Ensuring adherence to cybersecurity controls, policies and standards with a focus on automation and control. Assessing the current IT architecture, business needs, and future requirements as they relate to the SOC. Determining cybersecurity requirements by evaluating business strategies and requirements, researching standards, conducting system security and vulnerability analyses and risk assessments, studying architectures/platforms, identifying integration issues, and preparing cost estimates. Verifying that processes/systems comply with laws/regulatory requirements from local/national governments. Preparing for, and potentially presenting at, Cyber Council, Senior Executive Team, and Board of Directors meetings. Preparing senior-level technical reports for executive management. Engaging in ongoing communications with peers in IT and business (e.g. Legal, HR, Security) to ensure enterprise wide understanding of cybersecurity goals, to solicit feedback and to foster cooperation. Managing relationships with third party service providers, including contract language negotiations. Maintaining up-to-date cybersecurity knowledge, including awareness of innovative solutions/processes, emerging standards, and new threat vectors by reading professional publications, maintaining personal networks, and participating in professional organizations.

Requirements

Bachelors degree and 10 years of relevant cybersecurity experience, including leadership experience
Demonstrated strong leadership and influence skills
Demonstrated strong presentation skills with the ability to present to all levels of management and executive leadership
Experience leading a 24x7x365 SOC/Cyber Fusion Center
Experience managing incident response processes for incidents of all sizes and impacts
Experience with Red Teams and with Table Top Exercises
Experience with Vulnerability Management
Strong knowledge of Application Security tools and concepts, including Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Penetration Testing
Proven working experience in Security Analysis, Threat Intelligence, Email Security, and/or Endpoint Security
Experience with Penetration Testing, including scoping, executing, reporting, and evaluating remediations
Executive teamwork, facilitation, relationship building, and negotiation skills
Ability to maintain positive working relationships both as a leader and as a team member
Effective time management and multitasking skills
Ability to communicate effectively with both technical and non-technical individuals
Strong interpersonal communication skills, analytical abilities, detail focused, quality focused, and problem-solving skills, as well as broad knowledge of business functions, information technologies, and cybersecurity and compliance practice on a global level
A demonstrated ability to integrate various cybersecurity, network and data protection technologies and controls into a cohesive solution that sufficiently mitigates risk
Demonstrated experience in enterprise solutions and implementation of technology and process solutions to reduce the potential risk of data compromise and network viability
Significant experience in cybersecurity, including hands on experience in SIEM, Email Security, and Endpoint Security tools, Threat Intelligence platforms, and potentially additional experience in forensics, offensive/defensive technologies, intelligence gathering, and/or reverse engineering
Demonstrated experience in delivering comprehensive solutions to complex cybersecurity issues on a global scale
Confidence in leading diverse matrix teams independently, making decisions daily as it relates to the successful delivery of the program
Ability and insight to know when critical decisions must be raised to senior level and/or business unit management quickly to ensure that the program remains on track
Strong knowledge of Threat Intelligence frameworks (e.g. MITRE ATT&CK)
Department of Energy’s regulation 10 CFR 810 is required

Nice To Haves

Desired Industry Cybersecurity certifications (e.g. CISSP, CEH, etc.…)
Masters in Information Security, Computer Science, Business, Engineering, or related fields
Experience in Electric or Gas Utility or Power Generation industry, and/or experience in manufacturing
Broad knowledge of IT and related control environments

Responsibilities

Directs, coaches, and counsels internal/external cyber resources on Cybersecurity technologies, including Threat Engineering, Threat Detection, Cybersecurity Industry Threats Coordination, Endpoint Security, Network Security, Email Security, the Security Operations Center (SOC), Threat Analysis and Incident Response, Cybersecurity Logging & Monitoring, Vulnerability Management, Application Security, Data Security, Insider Trust, Threat Intelligence, and Cyber Threat Hunting for all lines of business and service departments for both IT and OT landscapes.
Ensure that Cybersecurity Operations service delivery aligns with the corporate IT strategy, including development of Cybersecurity operations standards, capacity planning, lifecycle management plans, solution selection, and partner management.
Ensure scalability of Cybersecurity Operations capabilities, including hardware and software, to meet business needs and risk tolerances.
Develops and implements best practices for PSEG Cybersecurity Operations capabilities.
Participate in external risk organizations (including with peer groups) to learn from other organizations and to benchmark our program.
Partner with professional Cybersecurity Operations associations, service providers, and to identify and implement best practices.
Partners with and advises various IT teams.
Operationalizes threat models to protect against existing and emerging threats.
Builds relationships across PSEG business and technology teams.
Interacts routinely with vendors, service providers, consultants/advisors, law enforcement agencies, and cross-sector cyber industry trade organizations.
Ensures that cyber operations requirements are identified, well defined, properly documented, and approved by appropriate stakeholders.
Develops, manages, and pre-prioritizes Cybersecurity CAPEX and OPEX budgets based on business needs and cyber threats.
Lead the identification of optimal OPEX and CAPEX allocations, including opportunities to reduce expenditures while transforming PSEG Cybersecurity Operations.
Lead and advise on business case development.
Leads team, including performance evaluations, career development guidance, and other aspects to grow the talent pipeline and to mature our program.