Cyber & Information Security Analyst
FirstEnergy at a Glance
We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.
FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.
About the Opportunity
This is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.
This position’s base reporting location is in Wadsworth Township, Ohio, and reports to the Manager of Cyber Security Policy. This position is eligible for FirstEnergy’s Flexible Workplace program and may be performed 100% remote with infrequent multi-day trips to the Akron, Ohio area as needed (a few times per year). The Cyber and Information Security Analyst works across all FirstEnergy subsidiaries and business units to protect the cyber assets of FirstEnergy. We seek a knowledgeable individual well-versed in current cyber security and information security strategies with skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape.
Act as a subject matter expert (SME) between cybersecurity and the business units in the development of appropriate policies, standards, and frameworks
- Continuously monitor trends to anticipate and plan for future impact of cyber risk on a specific business unit (BU) or function
- Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization
- Educate stakeholders on cybersecurity-related matters to increase awareness and improve culture
- Performs focused information risk assessments of existing or new services and technologies, along with business counterparts.
- Identifies and facilitates implementation of appropriate controls to effectively manage cyber and information risks as needed.
- Understand software and system vulnerability processes, manage vulnerability patches through a process lifecycle, and perform vulnerability assessments on systems and services
Bachelor's Degree in Computer Science, Information Security, or similar discipline is preferred. A bachelor’s degree in another field with relevant industry experience in cyber/information security will be considered.
- Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cybersecurity program in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
- Familiarity with common cyber security related tools such as vulnerability scanners (Tenable preferred), ServiceNow IRM and GRC, Microsoft Power Automate, Microsoft Power BI, and other similar toolchains.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization.
- An ability to effectively influence others by informing their opinions, plans or behaviors.
- Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
- Infrequent business travel to Akron, OH may be required
- Able to participate in an on-call rotation (cycling daily; on-call once every ~4-6 days) responding to out-of-hours calls and alerts in support of security response.
Benefits, Compensation & Workforce Diversity
At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at www.firstenergycorp.com to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.
Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.
FirstEnergy Human Resources Team