Cyber Security - Active Directory Security and Automation Specialist

Company: PSEG
Location: Newark
Posted on: May 28, 2023

Job Description:

Requisition ID: 71381 Job Function/Category: Information Technology Employment Type: Exempt Full Time This is an exciting time to be joining PSEG. Our commitments, which include safety, integrity, customer focus, and diversity & inclusion, are the fabric of our culture and help drive the success of our business. We are fortunate to have an outstanding workforce of diverse and highly skilled talent who move us forward in our operational excellence journey. PSEG has more than 12,000 employees who are dedicated to the communities we serve and embody our vision: People providing Safe, Reliable, Economic and Greener Energy. Consistent with our core commitment of safety, PSEG has made the decision to require all new hires to be fully COVID-19 vaccinated as a condition of hire employment. "Fullvaccination" is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a disability can request a reasonable accommodation. Job Summary This position is for a hands-on technical lead with prior experience in enumeration and exploiting Active Directory, DNS, web applications, and APIs. PSEG is looking for an expert who can identify security threats and risks in the operating environment and has the knowledge to analyze the environment and its current state of security readiness. Has experience in red/blue teaming exercises, investigating cybersecurity alerts, incident response, and threat hunting. Job Responsibilities Job Responsibilities * Write custom integrations in bash, python, and/or c#. * Provide technical expertise in threat/risk assessments for new enhancements. * Define, design, and implement strategies to protect against emerging threats using security tools. * Responds to security incidents, implement new controls, and enhance evolving tool sets. Competencies: * Hands-on technical lead performing IT security functions and maintaining systems, while providing technical guidance to the team. * Assists with Active Directory security related tasks, including logging and monitoring, secure configuration, and risk assessment findings. * Working/functional knowledge of Kerberos authentication and Protected Users restrictions * Familiarity with Kerberos armoring and Active Directory assessment tools such as Bloodhound and PingCastle * Utilizes information security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response. * Provides technical expertise and support to clients, IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events. * Incident response and threat analysis experience, including SIEM technology. Proficient in defining processes and procedures for incident response. * Follows cyber security news and alerts, understands complex attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities. Recommends appropriate corrective actions for information security incidents and provides risk mitigation recommendations to management and team. * Designs process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively. * Reviews complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations. * Willing to work in strong team environment, constantly teaching and learning from other team members. Job Specific Qualifications Required: * Bachelor's degree in Computer Science or Information Systems or Cyber Security or Engineering or related field and a minimum 4 years of experience in information security or related IT experience * Experience with performing active directory related functions in a corporate environment. * Ability to work independently with little or no supervision. * Excellent oral and written communication skills. * Demonstrated leadership, technical teamwork, and interpersonal skills. * Ability to foster working relationships with the team, IT Management and Client departments. * Ability to explain technical concepts to the business users in the context of business requirements. * Broad knowledge of information systems such as Windows security, network security, systems development, communication networks, security software/hardware and operating systems. * Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis. * Approximately 5% Travel required * This is a NERC CIP position and requires NERC CIP background investigation prior to start Desired: * Security certifications in incident response, cyber investigation, forensics, or threat hunting. * Microsoft certifications. * Programming Experience in Python or PowerShell. * Experience with cloud computing Minimum Years of Experience 4 years of experience Education Certifications None Noted Disclaimer Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made. If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer. As an employee of PSE&G or PSEG Long Island, you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations. This site ( http://www.pseg.com ) is strictly for candidates who are not currently PSEG employees. PSEG employees must apply for jobs internally through empower which can be accessed through the mypseg homepage by clicking on the employee center tab, then under the empower header, choose careers. Business needs may cause PSEG to cancel or delay filling position at any time during the selection process. Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made. If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer. Public Service Enterprise Group (PSEG) is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legal protected characteristic. Legally protected characteristics included, race, color, religion, national origin, sex, age, marital status, sexual orientation, disability, or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals. Need to request an accommodation? If you have a disability and need assistance submitting your resume, applying for a position or registering for a test, please call 973-430-3845. Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision. Nearest Major Market: Newark Nearest Secondary Market: New York City Job Segment: Cloud, Recruiting, Compliance, Testing, Information Security, Technology, Human Resources, LegalPDN-9929431c-d51a-4a18-884d-0044d24add9b

Keywords: PSEG, Newark , Cyber Security - Active Directory Security and Automation Specialist, Other , Newark, New Jersey