Manager, Vulnerability Management and Application Security

About The Position

Requirements

• Bachelor's degree and 8 years of relevant cyber security experience
• Candidates without a degree, will need 12 years of cyber experience
• Experience within vulnerability/compliance management, penetration testing, and/or threat hunting
• Ability to present to all levels of management and executive leadership
• Excellent teamwork, facilitation, relationship building, and negotiation skills
• Able to maintain positive working relationships both leading and as part of a team
• Effective time management skills and able to multi-task effectively
• Able to communicate effectively with both technical and non-technical individuals
• Compliance with the Department of Energy's regulation 10 CFR 810 is required

Nice To Haves

• Certified Information Systems Security Professional (CISSP), or equivalent
• Some positions at PSEG require access to information covered by the Department of Energy’s regulation 10 CFR 810 (Part 810). If applicable, the successful applicant must prove they are: (1) a citizen or national of the USA; OR (2) a lawful permanent resident of the United States (Non-Conditional Permanent I-551 / Green Card / Permanent Resident Card holder); OR (3) a citizen, national, or permanent resident of a “Generally Authorized” destination on the attached list and not also a citizen, national, permanent resident of any country not listed; OR (4) a “Protected Individual” under the Immigration and Naturalization Act (8 U.S.C 1324b(a)(3)).

Responsibilities

• Cyber Assessment & Vulnerability Management lead is responsible for the overall lifecycle of the Cyber Assessment & Vulnerability Management program.
• Inform, advise, and partner with IT, Security, and other business units to help better secure their operations. Identify gaps in current processes, workflows, and design and recommend changes or enhancements as needed.
• Participate in Change Management Process, from early Assessment of proposed changes/enhancements, through Vulnerability scanning and recommended remediation before go-live.
• Participate in incident response activities as needed. Ensure cross-company processes around threat & vulnerability management are adhered to. This includes tracking SLAs, discovery, and handling of any finding. Maintain situational awareness, identification, tracking, and ensuring action on industry news related to software vulnerabilities, including zero-day vulnerabilities and emergency patching.
• Implement and operationalize advanced Vulnerability Management reporting tools. Design, develop and operationalize Vulnerability Management metrics. Design and Implement advanced Vulnerability dashboards. Evaluate performance, perform career development, coaching and counseling and manage compensation for Cyber assessment staff.
• Responsible for conducting security assessments & penetration tests. Review Cyber threat intelligence and ensures and provide relevant data to parties within the Cyber Assessment & Vulnerability management teams to action upon. Oversee regular red team exercises to proactively emulate attackers TTP and report back findings so security engineering and operations can improve their defenses.
• Create, perform tabletop exercises exercising mimicking adversary practices testing PSEG LI’s ability to respond to cyber incidents.

Benefits

• medical
• dental
• vision
• paternal leave and family leave programs
• behavioral health programs
• 401(k) with company match
• life insurance
• tuition reimbursement
• generous paid time off