I am...

Requisition: 71291

​

PSEG Company: PSEG Services Corp.

​

Salary Range: $ 70,200 - $ 115,800

​

Incentive: PIP 10%

​

Work Location Category: Remote Local

​

PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.

​

PSEG offers a unique experience to our more than 12,000 employees – we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.

• Provides direction and technical expertise in access provisioning and identity governance.
• Defines, designs, and implements Role Based Access Control (RBAC) strategies.
• Responsible for the health and optimization of the IAM platform.
• Involved in designing, development and implementing of IAM tools.
• Involved in onboarding client Applications.
• Developing reports for audit, SOX and attestation compliance.
• Using custom and out of the box workflows.
• Help determine user/business/functional requirements.
• Implementing and scheduling various type of User Entitlement Reviews for applications and databases.
• Develops and configures custom SOD policies using rules.
• Hands-on technical experience with Installation and configuration of SailPoint Identity IQ platform.
• Experience with IAM tools to integrate business applications, databases, middleware and operating systems.
• Experience in Identity governance and provisioning with Active Directory, SAP and SaaS applications.
• Experience and/or general Java development experience.
• Broad knowledge of information systems such as Windows, Linux, network or Data Base.
• Experience in user joiners/movers/leavers life cycle, RBAC policies, enterprise role entitlement/administration, provisioning workflows and access certifications.
• Develop automation for access, account provisioning, account de-provisioning and access certification functionality.
• Develops monitoring reports on the health, effectiveness and efficiency of the IAM service

Required:

• Bachelor’s degree and a minimum of 2 years of experience in Information Security or related technical field.
• Without a bachelor’s degree, a minimum of 6 years of experience in Information Security or related technical field
• Hands-on technical individual, performing IT security functions and maintaining systems.
• Works independently with little or no supervision.
• Excellent oral and written communication skills.
• Excellent leadership, technical teamwork, and interpersonal skills.
• Demonstrated ability to foster working relationships with the team, Management and Client departments.

​

Desired:

• Strong knowledge of Cyber security architecture principles
• Technical knowledge of Identity and Access Management, Single Sign-On, LDAP, SAML, OpenID, Oauth
• IAM or Security Certifications

Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made. If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.

​

Candidates must foster an inclusive work environment and respect all aspects of diversity. Successful candidates must demonstrate and value differences in others' strengths, perspectives, approaches, and personal choices.

​

Certain positions at the Company may require you to have access to 10 CFR Part 810 controlled information. If the position does require access to this information, the Talent Acquisition representative will provide further details upon making an offer.

​

PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.

​

Business needs may cause PSEG to cancel or delay filling position at any time during the selection process.

​

This site (http://www.pseg.com) is strictly for candidates who are not currently PSEG employees. PSEG employees must apply for jobs internally through emPower which can be accessed through sharepoint.pseg.com by clicking on the emPower icon, then selecting careers.

​

PEOPLE WITH DISABILITIES:

​

PSEG is committed to providing reasonable accommodations to individuals with disabilities. If you have a disability and need assistance applying for a position, please call 973-430-3845 or email accommodations@pseg.com. If you need to request a reasonable accommodation to perform the essential functions of the job, email accommodations@pseg.com. Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.

​

ADDITIONAL EEO/AA INFORMATION (Click link below)

​

Know your Rights: Workplace Discrimination is Illegal

​

[Pay Transparency Nondiscrimination Provision](https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_ English_formattedESQA508c.pdf)

Position Summary:

​

This position is responsible for focusing domain areas of expertise as well as a good breadth of experience across Application Penetration Testing, Thick Client Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing (iOS and Android), Medical IoT devices Penetration Testing, fuzz testing and Open-Source Intelligence and Physical Security Testing.

• Perform medical device vulnerability scans, fuzz testing, penetration testing, security code reviews, and reverse engineering. Carrying out IOT penetration tests, application (mobile, MIoT and PC platform), network, systems, and infrastructure penetration tests and performing various aspects of vulnerability assessments / penetration tests across a wide variety of platforms and technologies in medical industry. Perform targeted testing activities to identify weaknesses and methods in which to exploit them.
• Review threat models and perform security risk assessments of medical products
• Helping evolve the knowledge of adversarial TTPs for medical devices and medical applications and apply that knowledge when evaluating and testing corporate resources. Adherence to the highest standards of safety, ethics, and professional conduct are critical requirements of this position.
• Supporting project initiatives to assess vulnerabilities in medical devices and medical/health software assets (via penetration tests, testing policies and procedures, etc.).
• Applying existing IT technical expertise to address cybersecurity related issues and challenges.
• Keeping up to date with tools, countermeasures, threats and technologies.
• Developing and refining tools, templates and methodologies.
• Interpreting vulnerabilities, identifying weaknesses, exploiting them and escalate access.

Required Qualifications

​

• Higher degree in Information Security, Computer Science, Computer/Software Engineering, Electrical Engineering, or relevant work experience
• Several years of professional experience in conducting IOT penetration testing, fuzz testing preferably in the medical sector (or other relevant sector).
• Security knowledge in the areas: Operation system security, mobile OS Security, embedded operation system security, communication protocols (Bluetooth/BLE/WIFI etc.), medical protocols (DICOM etc.), threat modeling, common security testing tools.
• Programming skills in Python, C/C++, C#, or similar for the purpose of code review and test automation
• Excellent technical expertise (in both breadth and depth), written communication skills, time management skills, and the ability to communicate effectively with numerous lines of business representatives.
• Experience with open source and commercial penetration testing security tools in an enterprise environment.
• Proficiency with Windows, Unix/Linux, and mobile platform operating systems.
• Comprehension of OWASP Top 10 (both web and (M)IoT), OSSTMM, PTES, NIST and able to understand and communicate findings to customers
• Must be willing to work flexible hours; they must also be able to travel, as required. Comfortable working in a fast-paced environment

Equal Opportunity Employer – Disability and Veteran

​

TÜV SÜD America, Inc. is an equal opportunity, affirmative action employer and considers qualified applicants for employment without regard to race, color, creed, religion, ancestry, marital status, genetics, national origin, sex, sexual orientation, gender identity and expression, age, physical or mental disability, veteran status and those laws, directives, and regulations of Federal, State, and Local governing bodies or agencies. We participate in the E-Verify Employment Verification Program.

​

For more information on applicable equal employment regulations, please refer to the following: Labor Law 2024

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world's real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives. We have been living and breathing the world of real estate information and online marketplaces for over 35 years, giving us the perspective to create truly unique and valuable offerings to our customers. We've continually refined, transformed and perfected our approach to our business, creating a language that has become standard in our industry, for our customers, and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers, our employees, and investors. By equipping the brightest minds with the best resources available, we provide an invaluable edge in real estate. We are seeking a skilled and experienced Senior Cybersecurity Engineer with expertise in the deployment and operations of the Microsoft Defender suite of tooling. You will engage with all departments of CoStar Group helping drive and shape the way we manage the protection of our enterprise infrastructure. We're looking for someone who can communicate and reinforce security concepts to technical and non-technical team members. The ideal candidate will have deep experience operating Microsoft Defender tooling - including Microsoft Defender for Endpoint, Defender, XDR, Defender for Identify, Defender for Cloud Apps, Defender Vulnerability Management, Application Control (WDAC), Firewall, SmartScreen, Antivirus, etc. The successful candidate will be intrinsically motivated to learn new technologies and tools to move security forward as it is implemented within the CoStar Enterprise. This position is located in Washington, DC or Richmond, VA and offers a hybrid schedule of 3 days onsite, 2 days remote.

Design, implement, and manage Microsoft Defender solutions to protect against various cyber threats., Ensure proper configuration and deployment of Microsoft Defender for endpoint protection., Collaborate with cross-functional teams to integrate Microsoft Defender into the overall security framework., Configure and manage the Microsoft Defender Firewall to protect network traffic and prevent unauthorized access., Utilize SmartScreen to enhance protection against phishing and malicious websites., Develop and enforce USB restriction policies to mitigate the risks associated with unauthorized external devices., Implement and manage controls to monitor and regulate USB device usage across the organization., Deploy and maintain Windows Defender Application Control solutions to enhance application security., Define and enforce application control policies to prevent unauthorized applications and code execution., Participate in security incident response activities, leveraging Microsoft Defender capabilities to detect, investigate, and remediate security incidents., Collaborate with incident response teams to enhance the organization's overall security posture., Create comprehensive documentation for implemented security solutions, including configuration details, best practices, and troubleshooting guides., Generate regular reports on the status of Microsoft Defender deployments, USB restrictions, and Windows Defender application control effectiveness.

Basic Qualifications: - Bachelor's Degree required from an accredited, not for profit university or college (preferably in Computer Science, Cybersecurity or a related field) - A track record of commitment to prior employers - 5+ years total experience in engineering, including a minimum of 3 years in Security specific roles - Expert knowledge of Microsoft Defender tooling Preferred Skills: - Experience operating tools in a hybrid environment with a mix of on premise and cloud technologies Knowledge of industry compliance standards and regulations. Scripting and automation skills (Terraform, Perl, Python, PowerShell) for security-related tasks.

When you join CoStar Group, you'll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed. We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training, tuition reimbursement, and an inter-office exchange program. Our benefits package includes (but is not limited to): Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug, Life, legal, and supplementary insurance, Virtual and in person mental health counseling services for individuals and family, Commuter and parking benefits, 401(K) retirement plan with matching contributions, Employee stock purchase plan, Paid time off, Tuition reimbursement, On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes, Access to CoStar Group's Diversity, Equity, & Inclusion Employee Resource Groups, Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks. We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar Group is not able to provide visa sponsorship for this position.