Lead Information Security Analyst

Flexible Work Experience:

Hybrid The Lead Information Security Analyst plays an important role in advancing PJM's information technology strategy by solving security challenges in implementing on-premise and cloud-based solutions, identifying and securing sensitive and confidential data, working with internal and external parties to identify information security and supply chain security risks with applications, vendors and key business partners, and recommending security solutions and processes to enhance and improve the security of applications that support the operation of the bulk electric system within PJM.

Essential Functions:

Perform technical security assessments on systems and applications (on-premise and cloud-based) Perform security assessments of PJM's vendors and key business partners Develop innovative security solutions to achieve both business and technology goals Maintain tools and processes to ensure security of data at rest, in storage, and in transit for on-prem, and cloud-based applications Lead or participate in PJM's red team activities of security controls and processes Lead or participate in PJM's information security risk management processes and data protection programs Lead or participate in the development and execution of PJM's phishing training program Lead or support the supply chain cybersecurity risk program including compliance with CIP-013 Review contract documents to ensure compliance with security requirements Coordinate the collection, validation, and reporting of security metrics Support the Cyber Security Incident Response Team (CSIRT) process Execute continuous improvement processes for PJM's

NERC CIP

compliance program Lead departmental projects, as assigned Create and maintain security policies, standards and procedures Provide security updates to senior leadership

Characteristics and Qualifications:

Required:

Bachelor's degree in Computer Engineering, Computer Science, Information Technology, Cyber Security, Risk Management or equivalent work experience Ability to produce high-quality work products with attention to detail Ability to communicate effectively in a team environment Experience in quantitative and qualitative analysis Experience using verbal and written communications skills Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint) Ability to produce high-quality work products with attention to detail Ability to collaborate, influence, and partner with business units Experience using Microsoft Project Experience with Operating Systems, networks, storage technologies, software development, databases, and security concepts Experience using effective verbal and written communications skills

Preferred:

MBA degree Experience with PJM operations, markets, and planning functions Experience supporting any of PJM Committees Experience with PJM operations, markets, and planning functions Experience with PJM's internal systems, processes, and methodologies relative to

NERC CIP

Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM)