Cyber and Information Security Analyst – Cyber Security, TSOC
FirstEnergy
full-time
Posted on:
Location Type: Hybrid
Location: Akron • Ohio • United States
Visit company websiteExplore more
Tech Stack
About the role
- Serve as a trusted subject matter expert (SME) for cyber security compliance requirements, providing clear, accurate, and ethical guidance to Cyber Security, IT, OT, and business units.
- Support FirstEnergy’s compliance with NERC CIP Standards and state regulations, helping ensure the protection of BES Cyber Systems and the reliability of the Bulk Electric System.
- Interpret new and revised regulatory requirements and collaborate with stakeholders to implement compliant, risk‑informed solutions.
- Participate, as appropriate, in industry forums or standards development activities to responsibly represent FirstEnergy’s operational and regulatory interests.
- Identify, assess, and communicate cyber security compliance risks in a manner that supports informed, fact‑based business decisions.
- Support risk remediation, mitigation tracking, and exception management in alignment with FirstEnergy policies, standards, and governance frameworks.
- Translate technical findings and assessment data into clear risk statements and actionable compliance recommendations.
- Guide and oversee ongoing compliance activities across business units, including evidence collection, control validation, and sustainment practices.
- Support internal audits, regulatory audits, self‑certifications, and examinations by coordinating responses and ensuring high‑quality, defensible evidence.
- Promote efficient, repeatable compliance processes that reduce operational burden while maintaining regulatory rigor.
- Educate and engage stakeholders to improve understanding of cyber security compliance responsibilities and reinforce a strong compliance culture.
- Develop and deliver professional communications, training materials, reports, and presentations tailored to both technical and non‑technical audiences.
- Build effective working relationships across organizational boundaries and influence outcomes through expertise, credibility, and collaboration.
Requirements
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Engineering, Corporate Compliance, or a related discipline preferred.
- A bachelor’s degree in another field with relevant cyber security, compliance, or regulated‑industry experience will be considered.
- Experience working in a regulated environment (electric utility, energy, critical infrastructure, or similar) preferred.
- Prior experience supporting compliance audits or regulatory reviews is a plus.
- Working knowledge of NERC CIP Standards and cyber security governance frameworks (e.g., NIST, ISO) preferred.
- Ability to communicate complex and technical issues clearly, accurately, and professionally to diverse audiences.
- Experience with GRC platforms and compliance tools.
- Demonstrated ability to influence stakeholders, resolve compliance challenges collaboratively, and drive continuous improvement.
- Strong organizational skills with the ability to manage multiple priorities simultaneously.
- Commitment to ethical conduct, diligence, and accountability for results.
Benefits
- 401(k) savings plan with matching employer contribution
- Company-sponsored pension plan
- A choice of medical, prescription drug, dental, vision, and life insurance programs
- Skills development training with tuition reimbursement
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cyber security complianceNERC CIP Standardsrisk remediationcontrol validationcompliance auditsregulatory reviewscyber security governance frameworksNISTISOevidence collection
Soft Skills
communicationcollaborationorganizational skillsinfluencestakeholder engagementethical conductaccountabilityproblem-solvingtraining developmentpresentation skills