Enterprise Architect - Cyber Security & TSOC

About the Opportunity

FirstEnergy at a Glance

We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.

FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.

Preferred work location is Wadsworth, OH

This is an open position with FirstEnergy Service Company, a subsidiary of FirstEnergy Corp. [SC00]

This position’s base reporting location is in Wadsworth Township, Ohio, with flexible hybrid work arrangements, and reports to the Director of Cyber Security Operations. This Enterprise Security Architect is responsible for strategy, R&D, network segmentation and technical designs for the Cyber Security Technologies team who manages our firewall, VPN, endpoint protection, certificate management and multi factor authorization platforms.  This role provides thought leadership and support across all cybersecurity teams to improve the overall security posture at FirstEnergy.  The Enterprise Security Architect maintains open communications with peers across the Cyber Security organization and IT.

Responsibilities include

• Provide overall security guidance and leadership in R&D, strategy, network segmentation and technical designs involving a variety of infrastructure, networking and security technologies tools.
• Guide and assist the Security Technologies team in the design, implementation, and operations of security solutions to protect the edge.
• Conduct risk assessments and threat modeling for network and access technologies in partnership with our security operations center.
• Ensure compliance with internal policies and regulatory requirements (NERC CIP, SOX).
• Manage requests for information (RFI) and requests for pricing (RFP) on new application services for cyber security operations
• Educate and influence IT, Cyber Security and Business stakeholders to better understand existing security risks, best practices, and infrastructure designs/changes required to support best-in-breed and the business objectives, while managing security risks. 
• Drive technology strategy and enterprise architecture for Cyber Security Technologies which includes but not limited to our Zero Trust journey.
• Develop, document, and recommend plans for investing in IT security, including cost analysis and cost reduction opportunities. Identify gaps in overall IT Security and assist in driving future improvements for Zero Trust.
• Ensure encryption standards and authentication methods are in line with cybersecurity policies.
• Define and follow access control policies and ensure they follow the principle of least privilege. 
• Participate in budgeting conversations and strategic planning around cost saving measures.
• Develop and present business cases and security architecture plans to management and executive council, when appropriate.
• Identify process improvements to further advance security operations. Participate in regular firewall rule audits.
• Develop, construct and improve standard operating procedures (SOP) and team documentation.
• Research and development of new security platforms to support business objectives. 
• Assist to provide investigation services and coordinate mitigation efforts during an operational or cyber security incident.
• Assist with the day-to-day operations in Cyber Security Technologies when needed. 
• Participate in incident response training and business continuity planning.
• Build and maintain relationships with key business unit areas within Cyber, IT, Transmission, Distribution, and Corporate Security.

Qualifications

• Bachelor's Degree in Computer Science, Information Security, or similar discipline with ten (10) years of significant experience in one or more of the key technical domains is required. In lieu of a degree twelve (12) years of industry experience in cyber/information security will be considered if other certifications are held.
• Demonstrated high level of technical acumen, with a strong understanding and knowledge of computer, network (IPv4, IPv6, TCP, UDP), and IT security systems (firewall, VPN, certificate management, endpoint security). 
• Demonstrated understanding of best practices in cybersecurity encompassing strategies, policies, principles, procedures, compliance and standards; and how they relate and apply to IT security operations.
• Must have deep knowledge and understanding of firewalls and firewalling concepts along with at least 5 years experience administering firewalls.
• Extensive experience making strategic design decisions derived from risk-based, threat analysis. 
• Strong troubleshooting skills are required. Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cyber security program in a way that consistently drives objective, fact-based decisions about risk to optimize the trade-off between risk mitigation and business performance.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option.
• Knowledge of relevant frameworks, standards, and best practices such as NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain are required
• An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s organizational network.
• An ability to effectively influence others by informing their opinions, plans or behaviors.
• Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
• Experience with Compliance regulations, such as NERC CIP, is a plus. 
• CISSP is strongly preferred 
• Must be within the FirstEnergy footprint

Benefits, Compensation & Workforce Diversity

At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at www.firstenergycorp.com to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.

Safety

Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.

Position Classification

Exempt 

FirstEnergy Human Resources Team