The Information Security Analyst plays an important role in advancing PJM's cybersecurity strategy by solving security challenges in implementing on-premises and cloud-based solutions, securing sensitive data, working with internal and external parties to identify Information Security and supply chain security risks with applications, vendors and key business partners, and recommending security solutions to enhance and improve the security of PJM's applications, including those that support the operation of the bulk electric system.
Essential Functions:
- Perform technical security assessments on systems and applications (on-prem and cloud-based).
- Conduct security assessments of PJM's vendors and key business partners.
- Develop innovative security solutions to achieve both business and technology goals.
- Participate in PJM's Information Security risk management processes.
- Maintain tools and processes to ensure security of data at rest, in storage, and in transit for on-prem, and cloud-based applications.
- Execute red team activities in an effort to identify security weaknesses within PJM systems.
- Execute and continuously improve PJM's NERC CIP compliance program.
- Create and maintain security policies, standards and procedures.
Characteristics & Qualifications:
Required:
- BS degree in Computer Science, Computer Engineering, Information Technology, Cybersecurity, Risk Management or equivalent work experience
- Ability to produce high-quality work products with attention to detail
- Ability to communicate effectively in a team environment
- Experience in quantitative and qualitative analysis
- Experience using verbal and written communications skills
- Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint)
- Ability to produce high-quality work products with attention to detail
- Ability to collaborate, influence, and partner with business units
- Experience with security and technical concepts including operating systems, networks, storage technologies, software development, and databases
Preferred:
- Experience with PJM operations, markets, and planning functions
- Experience supporting any of PJM Committees
- Experience with PJM's internal systems, processes, and methodologies relative to NERC CIP
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)