Principal IT Governance and Risk Consultant
Company: PSEG
Location: Bethpage
Posted on: April 2, 2026
|
|
|
Job Description:
Job Number: 7318 External Description: Job Title: Principal IT
Governance and Risk Consultant Requisition : 82085 PSEG Company :
PSEG Long Island Salary Range : $ 104,600 - $ 186,000 (145k base?)
15% bonus Work Location Category : Hybrid Flexible We’re one of the
country’s largest energy companies, with a vision of powering a
future where people use less energy, and it’s cleaner, safer and
delivered more reliably than ever. We’re also deeply connected to
the communities we serve, with more than 13,000 employees working
together to support our customers and make a difference every day.
Here, you’ll have the stability and exciting opportunities that
come with being a Fortune 500 company — along with a supportive,
friendly work environment where your contributions are valued. We
know life isn’t one-size-fits-all, and neither is work. That’s why
we offer flexible work options depending on the role. In support of
this model, roles have been categorized into one of three work
location categories: 1. Onsite – roles where employees are expected
to be onsite daily. 2. Hybrid fixed – roles that are a mix of
remote work and onsite work fixed days each week. 3. Hybrid
flexible – roles that are a mix of remote work and onsite work, but
the onsite requirements have greater flexibility. (i.e. 5-8 days a
month vs. set days each week). As an employee, if you are regularly
scheduled to work 20 or more hours per week, you will have access
to a wide range of comprehensive benefits eligible the first of the
month coincident with or following your date of hire., designed to
support your total well-being: medical, dental, vision, paternal
leave and family leave programs, behavioral health programs, 401(k)
with company match, life insurance, tuition reimbursement, and
generous paid time off. More than 13,000 people already call PSEG
their work home, taking pride in providing safe, reliable service
to millions of customers. If you’re looking for a place where you
can build a meaningful career and help power and support our
communities, we’d love to welcome you to the team. PSEG is not
offering visa sponsorship for this position. Job Summary This
position is a direct report to the Group Product Manager and has
sound knowledge of business processes in the specific area of
technology enablement. This position is responsible for managing
Vulnerability Management Remediation, IT Risk Management, Reporting
& Metrics Management, and Governance & Process Improvement, to meet
business outcomes, spanning multiple technologies including
associated impact, cost and complexity. This position is part of
IT’s control assurance program, and part of IT. In that capacity,
this position is responsible for the following: Product Consultants
are the primary facilitators for the product. Product Consultants
are responsible for optimizing the value proposition. They
anticipate issues and/or complications, and respond well to time
pressures. Leads the effort to work with multiple IT teams to
oversee and govern Vulnerability Management Remediation, IT Risk
Management, Reporting and Metrics Management, and Governance &
Process Improvement. Serves as a subject matter expert for their
assigned area. Prioritize actions with IT resources to meet
changing business needs. Keeps informed of technical and managerial
advances in IT, including leading the introduction of best
practice. Job Responsibilities Leading products teams, in a matrix
model, deliver business solutions: Vulnerability Management and
Compliance. Primary point of contact for vulnerability management
remediation and related queries and escalations. Works with IT
teams to govern and enforce IT Vulnerability Management process,
inclusive of identifying, specifying and analyzing vulnerability
closure, report status and managing progress throughout the
lifecycle of a vulnerability. Develops status updates, evaluates
SLA adherence and formulates plans, schedules and escalation
channels, in order to meet or exceed SLA targets. Collaborate with
various team to assess risks related to open vulnerabilities and
implement mitigation strategies. Manages vulnerability life-cycle,
including risk acceptance process for residual vulnerabilities/risk
items. Identifies and negotiates schedules, milestones and
resources required to meet objectives, primarily through
coordinating the activities with other IT departments and Vendors
(e.g., database, telecommunications, operations, technical support,
etc.). Escalates unresolved vulnerabilities in a timely manner and
close any backlogs. Governance and Controls Assurance: Lead the
development and maintenance of IT controls aligned with frameworks
(NIST, NERC, ISO, SOX etc.). Map regulatory, audit, and business
requirements to control objectives and ensure ongoing compliance.
Prepare management responses, remediation plans, and track closure
of findings. Collaborate with IT Risk Management, Cybersecurity,
and Audit teams to ensure controls support company objectives.
Design and build processes for governance of IT vulnerability
management, risk management, and compliance. Utilize domain
specific knowledge to work with different IT teams to: identify,
specify and analyze SLA requirements and processes, and monitor
progress throughout the vulnerability lifecycle and closure
process. Identifies process gaps and recommends improvements to
enhance efficiency and reduce operational risk. Responsible for
reporting and metrics management: Define, track, and manage key
performance indicators (KPI) for IT business areas, including IT
service management, Vulnerability management, Application
Management, Infrastructure Management etc. Produce reports and
dashboards on Vulnerability Management, SLA Adherence, and IT
operational metrics to senior leadership team. Ensures quality
through the use of company-approved methodologies. Job Specific
Qualifications Bachelor’s degree in Computer Science or a related
technical field, i.e. STEM, with 6 or more years of relevant work
experience. Demonstrated leadership capabilities through projects
or other work planning experiences. Demonstrated understanding of
and experience in IT project management methodologies, requirements
management, quality assurance and IT processes. Must have broad
knowledge of the business area's functions and applications, and of
system and technology alternatives. Deep familiarity with
regulatory and assurance frameworks: NIST CSF, NIST 800-53, COBIT,
NERC CIP, SOX. Strong knowledge of IT general controls, application
controls, cybersecurity and disaster recovery/business continuity.
Strong understanding of Vulnerability Management process, Risk
assessments methodologies, and SLA/KPI management & reporting.
Demonstrated experience in analytic tools to automate performance
reporting, and KPI management. Prior experience in IT governance,
risk and/or compliance field. Strong analytical ability to
translate insights into actionable recommendations. Strong verbal
and written communication skills. Strong facilitation skills.
Strong judgment and escalation management skills. Ability to foster
working relationships with the team, IT Management and vendor
teams. Solid understanding of technology platforms and ability to
explain technical ask. Demonstrated ability to measure process
performance and identify constraints, or any other escalation
requirements. Working knowledge of specific technology area
including business process configuration and execution for assigned
domains. Department of Energy’s regulation 10 CFR 810 is required.
Desired Relevant technical acumen or experience in vulnerability
management tools, risk assessment and IT governance. Familiarity
with risk management frameworks. Ability to automate repetitive
tasks. Ability to handle complex challenges under time constraints.
Ability to prioritize and escalate critical vulnerabilities to the
appropriate stakeholders. Project Management Professional
Certification (PMP) Certified Information Security Manager (CISM),
Certified in Risk and Information Systems Control (CRISC).
Experience with Cybersecurity. Job Number: 82085 Community /
Marketing Title: Principal IT Governance and Risk Consultant
Location_formattedLocationLong: Bethpage, New York US
Keywords: PSEG, Bloomfield , Principal IT Governance and Risk Consultant, IT / Software / Systems , Bethpage, New Jersey
