Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


FirstEnergy Corporation

Cyber and Information Security Analyst III/IV (54966)

Law Enforcement and Security

Information Security

Yearly

No

Ohio, United States

FirstEnergy at a Glance


We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.

FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.


About the Opportunity

This is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.

This position’s base reporting location is in Wadsworth Township, Ohio, and reports to the Supervisor of Cyber Security. This position is eligible for FirstEnergy’s Flexible Workplace program and may be performed 100% remote with infrequent multi-day trips to the Akron, Ohio area as needed (a few times per year). The Cyber Security Policy Analyst works across all FirstEnergy subsidiaries and business units to protect the cyber assets of FirstEnergy. We seek a knowledgeable individual well-versed in current cyber security and information security strategies with skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape.

Responsibilities include:
  • Act as a subject matter expert (SME) between cybersecurity and the business units in the development of appropriate policies, standards, and frameworks
  • Continuously monitor trends to anticipate and plan for future impact of cyber risk on a specific business unit (BU) or function
  • Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization
  • Educate stakeholders on cybersecurity-related matters to increase awareness and improve culture
  • Performs focused information risk assessments of existing or new services and technologies, along with business counterparts
  • Identifies and facilitates implementation of appropriate controls to effectively manage cyber and information risks as needed
  • Understand software and system vulnerability processes, manage vulnerability patches through a process lifecycle, and perform vulnerability assessments on systems and services
Qualifications:
  • Bachelor's Degree in Computer Science, Information Security, or similar discipline is preferred. A bachelor’s degree in another field with relevant industry experience in cyber/information security will be considered.
  • A minimum of 4 years professional experience in a cyber or related IT function
  • Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cybersecurity program in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
  • Familiarity with common cyber security related tools such as vulnerability scanners (Tenable preferred), ServiceNow IRM and GRC, Microsoft PowerAutomate, Microsoft PowerBI, and other similar toolchains.
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization
  • An ability to effectively influence others by informing their opinions, plans or behaviors
  • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
  • Infrequent overnight business travel to locations throughout the FirstEnergy service territory (OH, PA, NJ, MD, WV) will be required of this position
  • Able to participate in an on-call rotation (cycling daily; on-call once every ~4-6 days) responding to out-of-hours calls and alerts in support of security response


Benefits, Compensation & Workforce Diversity

At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at www.firstenergycorp.com to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.

Safety

Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.

Position Classification

[[filter6]]

FirstEnergy Human Resources Team