Mgr, Cyber Security Compliance

FirstEnergy at a Glance

We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.

FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.

About the Opportunity

This is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.

The Cyber Security Compliance Manager is responsible for leading the Cyber Security Compliance Team, including providing guidance to accomplish the objectives of the Cyber Security group. The Cyber Security Compliance Manager handles any escalations, issue management, or interactions related to daily Cyber Security compliance activities. This role is responsible for overall day-to-day operations, and for the performance of the Compliance Specialists.

The Cyber Security Compliance Manager will collaborate with the Cyber Security Policy, Information Technology, NERC Compliance, Internal Audit, Risk, federal regulatory, and state regulatory organizations frequently. The Cyber Security Compliance Team assists all business units with interpretation of and complying with FirstEnergy cyber security policies, cyber-related NERC regulations, and state regulatory rules.

The Cyber Security Compliance Manager is responsible for creating and maintaining a corporate cyber security compliance outreach program. They are also responsible for doing compliance testing and assisting with control design. This includes assisting all business units and generating metrics and reports for executive management.

Responsibilities Include:

• Oversees a corporate-wide cyber security compliance program.
• Provides guidance, testing, and compliance metrics for Cyber Security policies.
• Maintains a high-level of technical knowledge of cyber security and compliance supported by attending webinars, conferences, and workshops; reviewing professional publications and research; and establishing personal networks.
• Creates compliance development strategies, policies, and procedures by identifying problems/needs; evaluating trends and anticipating requirements.
• Ability to devise and implement automated processes wherever possible, implementing controls when automation is not feasible.
• Willing to assist with activities through the Cyber Security organization, including but not limited to policy review, compliance reviews, compliance mitigation plans, third party evaluations, and compliance documentation.
• Works across all business units, including IT, to prioritize and schedule work requests.
• Liaison to upper management, other functional areas, and internal business organizations.
• Liaison to external peer organizations for knowledge exchange.
• Preserves evidence and complies to regulatory requirements by implementing security and control structures.
• Provide input on required staffing, software, hardware, and support budgets.
• Champions FE’s Core Values & Behaviors, through coaching and by personal example.
• Exhibit decision making maturity by assessing multiple factors to determine priority and by understanding when incoming requests require urgency or compromise.
• Mentor and motivate a diverse team that scales and evolves with business and policy needs.
• Responsible for managing staff performance by setting objectives, tracking performance, and providing feedback.
• Assists in the personal growth of staff through individual development plans, mentoring, coaching and stretch job assignments.
• Staff projects by aligning internal resources and timetables with business plans. Selects and hires consultants to address internal labor project shortages/gaps.
• Accomplish annual Cyber Security Compliance and company performance objectives.

Qualifications include:

• A Bachelor’s Degree in a relevant field.
• 7+ years of IT and/or cyber security experience preferred.
• 5+ years of related management, operations, and budget experience.
• Certifications such as CISSP, CISM, or SANS a plus.
• Audit experience (as auditor or subject matter expert) preferred.
• Understanding of and experience with SOx, NERC CIP and SOC2 standards preferred.
• Demonstrated understanding of best practices in cyber security encompassing strategies, policies, principles, procedures, and standards.
• Advanced knowledge of risk management techniques to defeat advanced attackers and capability to discuss techniques at an executive level.
• Strong leadership, excellent oral and written communication skills required.
• Strong interpersonal, presentation, communication, training skills, and organizational skills.
• Ability to work with all levels of management throughout the organization.
• Ability to effectively manage multiple tasks concurrently on a regular basis.
• Strong analytical and problem-solving skills.
• Proven conflict management skills.
• Comfortable taking action in the face of ambiguity.
• Ability to work with highly confidential information.
• Strong knowledge of process improvement techniques.
• Experience with the effective use of Microsoft Office Suite (Outlook, Word, Excel, and PowerPoint).
• Role model of FirstEnergy’s core values and behaviors; unwavering integrity and trustworthiness
• Experience developing or working with diverse teams and building an inclusive work environment

Benefits, Compensation & Workforce Diversity

At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at www.firstenergycorp.com to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.

Safety

Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.

Position Classification

[[filter6]]

FirstEnergy Human Resources Team