Manager Cyber Security

Location: Bethpage, New York US


Job Number: 5253

External Description:

PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.

We want you to be healthy, balanced, and feel secure. That’s why you’ll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you’ll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement and a minimum of 18 days of paid time off per year.

PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030, our enhanced commitment to diversity, equity and inclusion, and our support for the communities we serve make this a particularly exciting time to join PSEG.

Job Summary

The Manager of Cyber Security leads the development, implementation, and ongoing coordination of an enterprise-wide cyber security governance, risk & compliance management (GRC) program including cyber risk identification, analysis, and mitigation, tracking and reporting to executive management. Coordinates among all lines of business and service departments, as well as external risk organizations (including E-ISAC, and other cyber industry trade organizations) and peer energy companies, as PSEG LI's senior leader responsible for Cyber GRC. This leader develops and maintains enterprise information and cyber security policies to ensure PSEG LI digital products and services have best in class cyber security, oversees vendor risks and influences user behavior to ensure that information, cyber assets, and industrial control systems are adequately protected.

This leader is responsible for defining and aligning security policies, strategy, standards and controls, risk management, 3rd party risk, assessments, baseline security controls, as well as technology compliance initiatives. The Director of Cybersecurity engages across the enterprise and supports cyber innovation activities based upon emerging operating horizon needs. This individual is responsible for maintaining PSEG LI's NIST CSF program and oversees Information Security staff in the evaluation of risks and threats. This individual is responsible for the development, implementation, communication, operation, monitoring and maintenance of the security policies and procedures to promote secure and uninterrupted operation of all systems, application and infrastructure.

Additionally, this role is responsible for planning, executing, and closing specific cybersecurity projects for PSEG LI. This includes defining project scope, allocating resources, managing timelines, and coordinating efforts across the teams. This includes completing projects, controlling business processes, and ensuring effective capability maturation in support of the business. Determines the potential needs of Cyber including Delivery capacity planning, Day 2 strategy planning, and Dependency (Down & Cross-stream) planning. Responsible for managing all requests across the run, build, transform spectrum and tracking & forecasting OPEX, CAPEX including HW, SW, & licensing. Responsible for all regular and ad hoc reporting and dashboarding.

Job Responsibilities

  • Provide leadership and direction to a team responsible for information security policies and practices. Complete risk analysis & assessments, and maintain compliance to standards and regulatory requirements. Manage other matrix relationships both internal and external to Cyber (such as Business Continuity, IT Operations, and OT Operations) required to complete all assigned tasks.
  • Establish measurable individual and team objectives aligned with organizational and business goals. Recognize and reward associates commensurate with performance. Ensure that staff has the resources and skills needed to support all work initiatives.
  • Ensure that PSEG Digital Services offered to external customers are secure and follow regulatory and best practice frameworks.
  • Work with Functional Areas to implement practices that meet defined policies and standards for information security. Oversee all information and cyber security risk management activities and ensure effective coordination with corporate risk management.
  • Establish an information security baseline and advance the information security maturity model; serve as subject matter expert to executive management and external stakeholders on a range of information security standards as influenced by federal and state regulatory agencies (e.g., NERC, NRC) and industry best practices (e.g., C2M2, NIST). Communicate and ensure that information security programs and other assigned frameworks comply with applicable regulatory laws, policies, and organizational security policies and standards. Lead efforts to establish and implement integrated cyber security and risk management solutions.
  • Develop and manage GRC capital and O&M budgets to meet business needs. Provide leadership in the identification of optimal O&M and capital allocations, inclusive of opportunities to reduce expenditures while transforming the way PSEGLI conducts its business. Lead and/or participate in business case development.
  • Align cyber strategies, services, investment decisions and delivery structures and processes with the strategic direction of the organization.
  • Develop and monitor a strategic, comprehensive cyber security and risk management program (including strategy, policies, standards, processes, and guidelines) to ensure the integrity and confidentiality of information owned, controlled or processed by the organization.
  • Coordinate information security and risk management projects with PSEG IT Application and Infrastructure delivery and operations groups as well as business unit teams; provide strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls. Coordinate with PSEG Strategic Sourcing to ensure that information security requirements are incorporated into third party arrangements.
  • Responsible for cyber program management including delivery management, capacity management, demand management, cost management, and metrics & reporting.

Job Specific Qualifications


  • Bachelor's degree and 10 years of relevant cyber security experience
  • Over 10 years of information security management experience to include a combination of security application development and system security administration in large multi-platform environments (e.g., UNIX, Windows, Linux, and Industrial Control System)
  • Over 5 years of experience in an Information Security leadership role managing teams of at least 5 FTEs
  • Strong understanding of current cyber threats, regulatory frameworks (e.g. NERC CIP) and information security technologies
  • Expert in interpreting and communicating technical information in business language and vice versa
  • Can anticipate change and effectively and efficiently deploy resources 
  • Able to take innovative approaches to problem solving 
  • Thinks strategically with a focus on business value; able to develop strategies while incorporating a broad organizational perspective
  • Makes decisions at the appropriate time, taking into account the needs of the situation, priorities, constraints and the availability of necessary information
  • Identifies inspiring goals and objectives, then motivates and leads others towards them
  • Experience with the implementation of NIST Cyber Security Framework (CSF), North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) or other comparable frameworks
  • Track record of metric-based evaluation of cyber security posture and proven ability to balance risks and make sound decisions in emergency situations
  • Strong process discipline in a continuous improvement environment. Experience managing cost center and departmental financial functions like budgets, etc.
  • Demonstrated capabilities in leadership, innovation, problem solving, influencing, organizing and relationship building.
  • Excellent verbal and written communication skills, persuasion, and the ability to communicate security and risk-related concepts to both technical and non-technical audiences at all levels, including the C-suite
  • CISSP or equivalent security certification


  • Experience in Electric or Gas Utility or Power Generation Sectors
  • Experience designing security for commercial digital products used on a large customer basis
  • Proven track record of developing cyber processes that improve effectiveness, efficiency and controls
  • Experience in dealing with internal / external auditors and regulators

Minimum Years of Experience

10 years of experience



Job Number: 78527
