Director Cybersecurity Governance, Risk, & Compliance jobs in United States
cer-icon
Apply on Employer Site
company-logo

PSEG · 23 hours ago

Director Cybersecurity Governance, Risk, & Compliance

positionNewark, NJ
timeFull-time
remoteHybrid
seniorityDirector/Executive
money$161K/yr - $299K/yr
date10+ years exp

PSEG is one of the country’s largest energy companies, committed to powering a cleaner and more reliable future. The Director of Cybersecurity Governance, Risk, and Compliance will lead the development and implementation of cybersecurity strategies and policies while coordinating across business lines to ensure compliance and mitigate risks.

EnergyEnergy EfficiencySharing EconomySolar
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Serving as the Subject Matter Expert for Cybersecurity governance, risk, and compliance issues/concerns/audits
Conducting cybersecurity assessments, identifying risks, and tracking/reporting on remediations
Providing cybersecurity insight and expertise in assessing new business opportunities
Identifying opportunities for process improvements to deliver increasing efficiency within the Risk and Control framework
Interacting with auditors on cybersecurity management oversight
Coordinating with outside vendors/third-parties to protect client information, to secure data transmission protocols, and to complete/remediate Information/cybersecurity assessments
Collaborating closely with developers and infrastructure teams to implement the Cybersecurity policies required to protect the integrity, confidentiality, and availability of the information on an end-to-end basis
Implementing the risk assessment framework, which identifies critical cybersecurity and privacy impacting business process and/or systems
Maintaining the global Cybersecurity and IT risk registers, tracking remediations, and creating status reports/metrics
Completing risk assessments of new/existing infrastructure, systems, Industrial Control Systems, and other components
Conducting risk assessments of third-party vendors to evaluate cybersecurity controls for protecting company-specific data
Leading and/or contributing to the creation and maintenance of the enterprise’s cybersecurity documents (policies, standards, guidelines and procedures). Ensuring enforcement of these enterprise cybersecurity documents
Preparing for, supporting, and potentially presenting at, Cybersecurity Council, Senior Executive Team, and Board of Directors meetings
Preparing senior-level technical reports for executive management
Providing support and risk guidance for enterprise infrastructure, the wireless environment, Cloud software/infrastructure security, secure software development, and data protection
Collaborating closely with Digital Workplace, Infrastructure, Enterprise Resource Planning, and Application Development Teams to identify and remediate cybersecurity issues
Identifying/overseeing remediation of open cybersecurity issues and validating closure
Maintaining up-to-date cybersecurity knowledge, including awareness of innovative solutions/processes, emerging standards, and new threat vectors by reading professional publications, maintaining personal networks, and participating in professional organizations

Qualification

Cybersecurity GovernanceRisk ManagementCompliance AuditsCybersecurity PolicyCybersecurity FrameworksCybersecurity AssessmentsAnalytical SkillsInterpersonal CommunicationConceptual ThinkingCloud SecurityData ProtectionCybersecurity CertificationsLeadership SkillsPresentation SkillsTime ManagementProblem SolvingNegotiation SkillsTeam CollaborationAttention to DetailEffective CommunicationRelationship Building

Required

Bachelors degree and 10 years of relevant cybersecurity experience, including leadership experience
Demonstrated strong leadership and influence skills
Demonstrated strong presentation skills with the ability to present to all levels of management and executive leadership
Experience leading a Cybersecurity Governance, Risk, and Compliance organization
Executive teamwork, facilitation, relationship building, and negotiation skills
Ability to maintain positive working relationships both as a leader and as a team member
Effective time management and multitasking skills
Ability to communicate effectively with both technical and non-technical individuals
Strong interpersonal communication skills, analytical abilities, detail focused, quality focused, and problem-solving skills, as well as broad knowledge of business functions, information technologies, and cybersecurity and compliance practice on a global level
A demonstrated ability to develop and maintain policy that integrates various cybersecurity, network and data protection technologies and controls into a cohesive solution that sufficiently mitigates risk
Extensive relevant experience in Cybersecurity, Information Risk Management, Nth-Party Risk Management, Cybersecurity Policies/Procedures, and Cybersecurity Compliance/Audit
Strong analytical skills, problem solving skills, writing skills, attention to detail, and conceptual thinking, including the ability to work with technical and non-technical business owners
Broad knowledge of cybersecurity principles (e.g. access control, data protection, security architecture, infrastructure/application security design principles, policies) and privacy (i.e. GDPR)
Working knowledge of cybersecurity and control frameworks (ISO27001, NIST, CobIT)
Effective communication skills, including the ability to build relationships with technical and non-technical individuals
Be able to identify, analyze, and address problems in order to resolve issues in ways that minimize negative impact and risk to the company
Experience evaluating security controls, conducting risks assessments, and providing guidance to platform architects/developers
Demonstrated experience in delivering comprehensive solutions to complex security issues on a global scale
Confidence in leading diverse matrix teams independently, making decisions daily as it relates to the successful delivery of the program
Ability and insight to know when critical decisions must be raised to senior level and/or business unit management quickly to ensure that the program remains on track
Department of Energy's regulation 10 CFR 810 is required

Preferred

Industry Cybersecurity certifications (e.g. CISSP, CEH, etc.…)
Masters in Information Security, Computer Science, Business, Engineering, or related fields
Experience in Electric or Gas Utility or Power Generation industry, and/or experience in manufacturing
Broad knowledge of IT and related control environments

Benefits

Medical
Dental
Vision
Parental leave and family leave programs
Behavioral health programs
401(k) with company match
Life insurance
Tuition reimbursement
Generous paid time off

Company

PSEG

twittertwittertwitter
Glassdoor3.9
company-logo
“Public service” is not just in our name. It’s who we are. It’s what we do. We keep the lights on.
dateFounded in 1903
location
Newark, New Jersey, USA
people-size10001+ employees
web-link
https://www.pseg.com

Funding

Current Stage
Public Company
Total Funding
$1.85B
2024-04-05Post Ipo Debt· $1.25B
2023-10-01Post Ipo Debt· $600M
1978-01-13IPO

Leadership Team

leader-logo
Ralph LaRossa
President and Chief Operating Officer
leader-logo
David Johnson
Senior Vice President - Chief Customer Experience Officer
linkedin

Recent News

The Cool Down
Farm families face off with grid operator over controversial transmission line: 'It's going to financially devastate us'
2026-01-04
PR Newswire
PSEG Long Island Contract Extension Approved by N.Y. State Comptroller
2025-12-30
PR Newswire
PSE&G Ranked #1 for Residential Electric in the East among Large Utilities in J.D. Power 2025 Customer Satisfaction Study for 4th Consecutive Year
2025-12-17
Company data provided by crunchbase