Public Service Enterprise Group (PSEG)

Director of Cybersecurity - GRC

Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree and 10 years of relevant cybersecurity experience, including leadership experience
  • Strong leadership and influence skills
  • Proficient presentation skills for all management levels
  • Experience in leading a Cybersecurity Governance, Risk, and Compliance organization
  • Strong interpersonal communication skills and analytical abilities
  • Broad knowledge of cybersecurity principles and privacy regulations
  • Working knowledge of cybersecurity and control frameworks (ISO27001, NIST, CobIT)

Responsibilities

  • Direct and coach internal/external resources on cybersecurity technologies and governance
  • Develop and implement best practices for cybersecurity governance and compliance
  • Partner with IT teams to operationalize policies and practices
  • Build relationships with vendors, consultants, and law enforcement for comprehensive security
  • Manage cybersecurity budgets based on business needs and threats
  • Lead team development and talent growth
  • Conduct risk assessments and oversee remediation of cybersecurity issues

Benefits

  • Opportunities for career development and advancement
  • Participation in external risk organizations for benchmarking
  • Collaboration across diverse teams within a leading company
  • Engagement with high-level stakeholders including the Board of Directors
  • Access to innovative solutions and processes in cybersecurity
  • Support for work-life balance through flexible working arrangements
Full Job Description
Job Number: 7454

External Description:

Job Summary

The Director, Cybersecurity Governance, Risk, and Compliance leads the development, implementation, and ongoing coordination of enterprise-wide Cybersecurity Governance, Risk, and Compliance, including Regulatory Assurance (e.g. NRC, SOX, DoE, NERC CIP, TSA, Internal Audits, etc.), Cybersecurity Risk, Cybersecurity Policy, Cybersecurity Awareness, and Nth Party Risk Management and Assurance. (S)he coordinates across all business lines, service departments, external risk organizations (e.g. cross-sector cyber industry trade organizations), and peer energy companies. As PSEG's senior leader responsible for Cybersecurity Governance, Risk, and Compliance, (s)he will also be responsible for defining and aligning cybersecurity policies, strategy, and standards. (S)he will be responsible for multiple discrete projects/enhancements to build, maintain, and mature capabilities, including people, processes, and technologies. (S)he will engage across the entire IT, OT, and managed services landscapes, including leading a team across these environments.

(S)he will spend his/her time
* Serving as the Subject Matter Expert for Cybersecurity governance, risk, and compliance issues/concerns/audits.
* Conducting cybersecurity assessments, identifying risks, and tracking/reporting on remediations.
* Providing cybersecurity insight and expertise in assessing new business opportunities.
* Identifying opportunities for process improvements to deliver increasing efficiency within the Risk and Control framework.
* Interacting with auditors on cybersecurity management oversight.
* Coordinating with outside vendors/third-parties to protect client information, to secure data transmission protocols, and to complete/remediate Information/cybersecurity assessments.
* Collaborating closely with developers and infrastructure teams to implement the Cybersecurity policies required to protect the integrity, confidentiality, and availability of the information on an end-to-end basis.
* Implementing the risk assessment framework, which identifies critical cybersecurity and privacy impacting business process and/or systems.
* Maintaining the global Cybersecurity and IT risk registers, tracking remediations, and creating status reports/metrics.
* Completing risk assessments of new/existing infrastructure, systems, Industrial Control Systems, and other components.
* Conducting risk assessments of third-party vendors to evaluate cybersecurity controls for protecting company-specific data.
* Leading and/or contributing to the creation and maintenance of the enterprise's cybersecurity documents (policies, standards, guidelines and procedures). Ensuring enforcement of these enterprise cybersecurity documents.
* Preparing for, supporting, and potentially presenting at, Cybersecurity Council, Senior Executive Team, and Board of Directors meetings.
* Preparing senior-level technical reports for executive management.
* Providing support and risk guidance for enterprise infrastructure, the wireless environment, Cloud software/infrastructure security, secure software development, and data protection.
* Collaborating closely with Digital Workplace, Infrastructure, Enterprise Resource Planning, and Application Development Teams to identify and remediate cybersecurity issues.
* Identifying/overseeing remediation of open cybersecurity issues and validating closure.
* Maintaining up-to-date cybersecurity knowledge, including awareness of innovative solutions/processes, emerging standards, and new threat vectors by reading professional publications, maintaining personal networks, and participating in professional organizations.

Job Responsibilities

  • Directs, coaches, and counsels internal/external cyber resources on Cybersecurity technologies, including Regulatory Assurance (e.g. NRC, SOX, DoE, NERC CIP, TSA, Internal Audits, etc.), Cybersecurity Risk, Cybersecurity Policy, Cybersecurity Awareness, and Nth Party Risk Management and Assurance for all lines of business and service departments for both IT and OT landscapes. Ensure that Cybersecurity Governance, Risk, and Compliance service delivery aligns with the corporate IT strategy, including development of Cybersecurity operations standards, capacity planning, lifecycle management plans, solution selection, and partner management. Ensure scalability of Cybersecurity Governance, Risk, and Compliance capabilities, including hardware and software, to meet business needs and risk tolerances.
  • Develops and implements best practices for PSEG Cybersecurity Governance, Risk, and Compliance capabilities. Participate in external risk organizations (including with peer groups) to learn from other organizations and to benchmark our program. Partner with professional Cybersecurity Governance, Risk, and Compliance associations, service providers, and to identify and implement best practices.
  • Partners with and advises various IT teams. Operationalizes Policies, Practices, and Instructions to protect against existing and emerging threats.
  • Builds relationships across PSEG business and technology teams. Interacts routinely with vendors, service providers, consultants/advisors, law enforcement agencies, and cross-sector cyber industry trade organizations. Ensures that cyber governance, risk, and compliance requirements are identified, well defined, properly documented, and approved by appropriate stakeholders.
  • Develops, manages, and pre-prioritizes Cybersecurity CAPEX and OPEX budgets based on business needs and cyber threats. Lead the identification of optimal OPEX and CAPEX allocations, including opportunities to reduce expenditures while transforming PSEG Cybersecurity Governance, Risk, and Compliance. Lead and advise on business case development.
  • Leads team, including performance evaluations, career development guidance, and other aspects to grow the talent pipeline and to mature our program.


Job Specific Qualifications

  • Bachelors degree and 10 years of relevant cybersecurity experience, including leadership experience
  • Demonstrated strong leadership and influence skills
  • Demonstrated strong presentation skills with the ability to present to all levels of management and executive leadership
  • Experience leading a Cybersecurity Governance, Risk, and Compliance organization
  • Executive teamwork, facilitation, relationship building, and negotiation skills
  • Ability to maintain positive working relationships both as a leader and as a team member
  • Effective time management and multitasking skills
  • Ability to communicate effectively with both technical and non-technical individuals
  • Strong interpersonal communication skills, analytical abilities, detail focused, quality focused, and problem-solving skills, as well as broad knowledge of business functions, information technologies, and cybersecurity and compliance practice on a global level
  • A demonstrated ability to develop and maintain policy that integrates various cybersecurity, network and data protection technologies and controls into a cohesive solution that sufficiently mitigates risk
  • Extensive relevant experience in Cybersecurity, Information Risk Management, Nth-Party Risk Management, Cybersecurity Policies/Procedures, and Cybersecurity Compliance/Audit
  • Strong analytical skills, problem solving skills, writing skills, attention to detail, and conceptual thinking, including the ability to work with technical and non-technical business owners
  • Broad knowledge of cybersecurity principles (e.g. access control, data protection, security architecture, infrastructure/application security design principles, policies) and privacy (i.e. GDPR)
  • Working knowledge of cybersecurity and control frameworks (ISO27001, NIST, CobIT)
  • Effective communication skills, including the ability to build relationships with technical and non-technical individuals
  • Be able to identify, analyze, and address problems in order to resolve issues in ways that minimize negative impact and risk to the company
  • Experience evaluating security controls, conducting risks assessments, and providing guidance to platform architects/developers
  • Demonstrated experience in delivering comprehensive solutions to complex security issues on a global scale
  • Confidence in leading diverse matrix teams independently, making decisions daily as it relates to the successful delivery of the program
  • Ability and insight to know when critical decisions must be raised to senior level and/or business unit management quickly to ensure that the program remains on track
  • Department of Energy's regulation 10 CFR 810 is required


Desired
  • Industry Cybersecurity certifications (e.g. CISSP, CEH, etc....)
  • Masters in Information Security, Computer Science, Business, Engineering, or related fields
  • Experience in Electric or Gas Utility or Power Generation industry, and/or experience in manufacturing
  • Broad knowledge of IT and related control environments


Job Number: RQ#82809_Dir Cyber Sec - GRC

Community / Marketing Title: Director of Cybersecurity - GRC

Location_formattedLocationLong: Newark, New Jersey US

About Public Service Enterprise Group (PSEG)

PSEG is a diversified energy company. Established in 1903, the company has long had a key role in fueling New Jersey's economy and supporting the state's quality of life. Public Service Electric and Gas (PSE&G) is New Jersey's largest provider of electric and gas service – serving 2.2 million electric customers and 1.8 million gas customers or nearly three out of every four people in the state. PSEG also owns and operates a diverse fleet of power plants with more than 13,000 megawatts of generating capacity located primarily in the Mid-Atlantic and Northeast regions and has solar energy facilities throughout the United States. Another member of the PSEG family of companies, PSEG Long Island, operates the electric transmission and distribution system of the Long Island Power Authority, with 1.1 million customers. PSEG has approximately 12,700 employees, who are carrying forward a proud tradition of dedicated service over more than 100 years.

Public Service Enterprise Group (PSEG) Careers

Join the dynamic team at Public Service Enterprise Group (PSEG), a leading integrated energy company with a proud history and a promising future. At PSEG, we are committed to innovation, leadership, and sustainability, making it an ideal place for professionals looking to make a significant impact.

Work You’ll Do

Embark on a fulfilling career journey with PSEG and be part of a culture that values diversity, leadership, and professional growth. Our team is dedicated to transforming the energy sector through innovative solutions and sustainable practices.

Explore Job Opportunities

PSEG offers a wide range of job opportunities across various disciplines. Whether you're a seasoned professional or a recent graduate, PSEG provides the perfect platform to enhance your skills and advance your career. Explore positions in engineering, customer service, IT, and more, where you can contribute to groundbreaking projects and initiatives.

Internship Programs

Kickstart your career with PSEG’s internship programs. Gain hands-on experience, work with seasoned professionals, and develop skills that will set you apart in the job market. Our internships offer a unique insight into the energy industry and provide a pathway to future employment opportunities within the company.

Benefits and Growth

At PSEG, we believe in nurturing our team's potential by offering competitive benefits, extensive diversity training, and opportunities for career advancement. We support our employees' professional and personal growth through continuous learning and leadership development programs.

Join Our Team

We are hiring! Search open positions that match your skills and interests. PSEG is looking for passionate, curious, and solution-driven team players. Prepare your resume, ace the interview, and join a company that is dedicated to your growth and success.

Networking and Professional Development

Enhance your career through PSEG’s robust professional networking opportunities. Connect with industry leaders, participate in seminars and workshops, and collaborate with a team that’s at the forefront of the energy sector’s transformation.

Stay Connected

Keep up to date with the latest at PSEG: - **Career Tips**: Get insider perspectives and industry-leading insights you can put to use today—all from the people who work here. - **Job Alert Emails**: Personalize your subscription to receive job alerts and the latest news tailored to your preferences. Discover the exciting and rewarding opportunities that await at Public Service Enterprise Group (PSEG). Join PSEG and be part of a company that’s powering progress and empowering your future.
Learn more about Public Service Enterprise Group (PSEG)
Size
12,684 employees
Market Cap
$30.3 billion
Industry
Net Income
$1.9 billion
Founded
1903
5 Year Trend
+1.6%
Revenue
$9.6 billion
NASDAQ

Similar Jobs

More Jobs at Public Service Enterprise Group (PSEG)

More Information Technology Jobs

Find similar Director of Cybersecurity - GRC jobs: