Server Security Administrator

PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories:

Onsite are roles that have specific onsite requirements and are typically onsite daily.

Hybrid fixed are roles that are a blend of onsite work/in-person interactions with some ability to work remotely and require employees to live within a commutable distance and be onsite fixed days each week.

Hybrid flexible are roles that can be performed remotely but require some level of onsite work/in-person interactions on a regular basis, require employees to live within a commutable distance and, since business needs vary by position and may change over time, managers will set expectations and flexibility regarding where and when work is performed.

Fully remote are roles that can be performed remotely, require employees to live in approved states and will have purpose-driven in-person interactions on occasion.

We want you to be healthy, balanced, and feel secure. That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, well-being and behavioral health programs. We also offer a retirement program, 401(k) with company match, company paid life insurance, tuition reimbursement and a minimum of 18 days of paid time off per year (including vacation, scheduled holidays, and floating holidays).

PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie, and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity, and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.

Job Summary

The Technology Product Consultant –Security Engineering and Operations support specialist performs his engineering resource collaborates with Cyber Governance & risk to integrate technical data protection mechanisms. This individual ensures data security best practices and organizational objectives are aligned and implements a controls to continuous monitor and improve elements such as data classification, data protection, data encryption (at rest & in motion). 
The tools supported by this role will be tracking changes against an established, secure baseline and alerting on changes that suggest a security risk or undermine regulatory compliance. Alerting will be configured to send emails to system owners and support teams when the configured items are changed or deleted.  The tool should be designed to detect and alert on changes to key files, folders, and registry settings. The role will report to the Manager of IT Infrastructure Services.  
 

Job Responsibilities

•    Ensure computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events.
•    Establish, track and control baseline configurations for IT systems, identities and databases incorporating security principles
•    Collaborate with internal IT and Cyber teams and systems owners to track, report and remediate vulnerabilities and security risks. 
•    Manage, support and administer integrity monitoring systems and tools. 
•    Correlating file audit events with other log data to provide threat intelligence and pinpoint out breach attempts.
•    Work with the groups within IT and Cyber security for related Infrastructure projects and initiatives.
•    Stay abreast of emerging cyber risks, threats, vulnerabilities, trends, and best practices, and make recommendations for continuous improvement
•    Develop, document, and update procedures, standards, and policies for effective threat analysis and response
•    Assist in creating reports and presentations for various stakeholders to provide insights into team metrics, active threats, and mitigation strategies
•    Interface with other areas of IT for engineering and infrastructure support
•    Perform reviews and/or Root Cause Analysis on production systems failures, formulate corrective action plans, ensure corrective actions are implemented, and track their effectiveness.
•    Requires working in a 24x7 environment with callout availability 
 

Job Specific Qualifications

Required (Education, Experience, Skills, Knowledge):
•    Bachelor’s degree in Information Technology, Computer Science, Engineering, Math or related technical field.
•    A minimum of 4 years of experience within the IT field or an industry with reliance on technical expertise.
•    Demonstrated knowledge of Information Technology principles including IT Infrastructure support, system administration, and application support and/or application development techniques.
•    Demonstrated knowledge in security operations capabilities, including detection engineering, attack surface management, vulnerability management, forensics, threat hunting, incident response and recovery.
•    Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
•    Demonstrated ability to troubleshoot and make recommendations using critical thinking, sound judgment, and decision making processes and techniques in a fast-paced, mixed technology environment 
•    Demonstrated ability to create both technical and non-technical end-user documentation
•    Must be detail oriented and demonstrate strong analytical and problem solving skills.
•    Must demonstrate strong interpersonal skills and the ability to work effectively with clients, leadership, and all levels of staff.

Desired Qualifications:
•    ISC2 Certified Information Systems Security Professional (CISSP) or equivalent
•    Certificate or Strong understanding of NIST Cybersecurity Framework 2.0
 

Minimum Years of Experience