Flexible Work Experience: Hybrid

The Lead Information Security Analyst plays an important role in advancing PJMs information technology strategy by solving security challenges in implementing on-premise and cloud-based solutions identifying and securing sensitive and confidential data working with internal and external parties to identify information security and supply chain security risks with applications vendors and key business partners and recommending security solutions and processes to enhance and improve the security of applications that support the operation of the bulk electric system within PJM.

Essential Functions:

• Perform technical security assessments on systems and applications (on-premise and cloud-based)

• Perform security assessments of PJMs vendors and key business partners

• Develop innovative security solutions to achieve both business and technology goals

• Maintain tools and processes to ensure security of data at rest in storage and in transit for on-prem and cloud-based applications

• Lead or participate in PJMs red team activities of security controls and processes

• Lead or participate in PJMs information security risk management processes and data protection programs

• Lead or participate in the development and execution of PJMs phishing training program

• Lead or support the supply chain cybersecurity risk program including compliance with CIP-013

• Review contract documents to ensure compliance with security requirements

• Coordinate the collection validation and reporting of security metrics

• Support the Cyber Security Incident Response Team (CSIRT) process

• Execute continuous improvement processes for PJMs NERC CIP compliance program

• Lead departmental projects as assigned

• Create and maintain security policies standards and procedures

• Provide security updates to senior leadership

Characteristics and Qualifications:
Required:

• Bachelors degree in Computer Engineering Computer Science Information Technology Cyber Security Risk Management or equivalent work experience

• Ability to produce high-quality work products with attention to detail

• Ability to communicate effectively in a team environment

• Experience in quantitative and qualitative analysis

• Experience using verbal and written communications skills

• Ability to use Microsoft Office Suite (MS-Word MS-Excel and MS-PowerPoint)

• Ability to produce high-quality work products with attention to detail

• Ability to collaborate influence and partner with business units

• Experience using Microsoft Project

• Experience with Operating Systems networks storage technologies software development databases and security concepts

• Experience using effective verbal and written communications skills

Preferred:

• MBA degree

• Experience with PJM operations markets and planning functions

• Experience supporting any of PJM Committees

• Experience with PJM operations markets and planning functions

• Experience with PJMs internal systems processes and methodologies relative to NERC CIP

• Certified Information Systems Auditor (CISA)

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)