Share this Job

Mgr, Cyber Incident Response


Wadsworth, OH, US, 44281

Job Function:  Information Technology
Employee Type:  Reg Full Time (FT)
Requisition ID:  60684

FirstEnergy at a Glance

We are a forward-thinking electric utility powered by a diverse team of employees committed to making customers’ lives brighter, the environment better and our communities stronger.

FirstEnergy (NYSE: FE) is dedicated to integrity, safety, reliability and operational excellence. Headquartered in Akron, Ohio, FirstEnergy includes one of the nation's largest investor-owned electric systems, more than 24,000 miles of transmission lines that connect the Midwest and Mid-Atlantic regions, and a regulated generating fleet with a total capacity of more than 3,500 megawatts.

About the Opportunity

This is an open position with FirstEnergy Service Co., a subsidiary of FirstEnergy Corp.

This position manages, directs and co-ordinates the cyber security Incident Response program for all business units at the company. This position will have regular manager duties and ownership related to the oversight of these areas including budgeting, staffing, compliance, project management, work management and vendor management.  This position serves as the champion for preparation, practice exercises and responses to actual cyber security incidents.


This position also works to partner closely with multiple departments, including but not limited to corporate Risk, Legal, Communications, Compliance, and Information Technology. The ideal candidate will bring a strong procedural, technical background in a corporate environment; adaptability in fast-paced, evolving situations; and excellent communication and collaboration skills. This person is able to successfully maintain, improve and execute a cyber security incident response plan, while fostering a collaborative and inclusive work environment by using FirstEnergy’s core values and behaviors as guideposts. 


Responsibilities Include:

  • Ensure incident response plans are current, effective, well documented, rehearsed and communicated
  • Functions in a lead role to plan, execute, and evaluate response exercises, notably large-scale exercises with a cyber component
  • Creates Incident Response development strategies, policies, and procedures by identifying problems/needs; evaluating trends and anticipating requirements.
  • Identify areas of program improvement, expansions of service, and other evolutionary changes.
  • Establish and manage Incident Response service levels.
  • Perform resource management for Incident Response staff.
  • Provide investigation assistance and coordinate mitigation efforts during an incident.
  • Preserves evidence and complies to regulatory requirements by implementing security and control structures.
  • Work with the Emergency Operations Center to align cyber incident response to the overall FirstEnergy emergency plan for all-hazards response
  • Liaison to upper management, other functional areas, and internal business organizations.
  • Liaison to external peer organizations for knowledge exchange.
  • Provide input to contract negotiations for required software, hardware, and consulting.
  • Maintains a high-level of technical knowledge of platforms utilized throughout the environment
  • Develops key relationships with vendors providing products in the Incident Response space.
  • Not afraid to roll up your sleeves when needed and believe that collaborative approach is key to solving problems and improving our systems and people.
  • Responsible for managing staff performance by setting objectives, tracking performance, and providing feedback.  Assists in the personal growth of staff through individual development plans, mentoring, coaching and stretch job assignments.
  • Mentor and motivate a diverse team that evolves with business and technology needs.
  • Conduct performance appraisals of the Incident Response staff.
  • Develop and execute Incident Response staff training plans
  • Accomplish annual Cyber Security and company performance objectives.
  • Champions FE’s Core Values & Behaviors, through coaching and by personal example.


Qualifications include:

  • A Bachelor’s Degree in a relevant field.
  • 7+ years of IT or cyber security experience preferred.
  • 5+ years of related management, operations, and budget experience.
  • Certifications such as CISSP, CISM, or SANS preferred.
  • Strong leadership, excellent oral and written communication skills required.
  • Excellent interpersonal and organizational skills.
  • Strong interpersonal, presentation, communication, and training skills.
  • Strong knowledge of process improvement techniques.
  • Strong ability to develop and manage critical vendor relationships.
  • Ability to work with all levels of management throughout the organization. 
  • Strong analytical and problem-solving skills.
  • Strong decision-making skills during emergency and crisis situations.
  • Ability to work with highly confidential information.
  • Demonstrated understanding of best practices in cyber security encompassing strategies, policies, principles, procedures, and standards.
  • Familiarity with the FEMA National Incident Management System (NIMS) and the Incident Command Structure (ICS) models, holding a FEMA Professional Development Series Certificate is a plus
  • Advanced working knowledge of Threat Lifecycle and Incident Management.
  • Advanced knowledge of risk management techniques to defeat advanced attackers and capability to discuss techniques at an executive level.
  • Strong knowledge of disaster recovery and business continuity practices
  • Strong knowledge of IT architectures, processes, policies, and tools.
  • Knowledge of core Microsoft enterprise applications and services such Active Directory identity and access management services, file/print services and other associated technologies.
  • Experience with the effective use of Microsoft Office Suite (Outlook, Word, Excel, and PowerPoint).
  • Experience developing or working with diverse teams and building an inclusive work environment
  • Role model of FirstEnergy’s core values and behaviors; unwavering integrity and trustworthiness


Benefits, Compensation & Workforce Diversity

At FirstEnergy, employees are key to our success. We depend on their talents to meet the challenges of our changing business environment. We are committed to rewarding individual and team efforts through our total rewards philosophy which includes competitive pay plus incentive compensation, a company-sponsored pension plan, 401(k) savings plan with matching employer contribution, a choice of medical, prescription drug, dental, vision, and life insurance programs, as well as skills development training with tuition reimbursement. Please visit our website at to learn more about all of our employee rewards programs. FirstEnergy proudly supports workforce diversity. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. No recruiters or agencies without a previously signed contract. Unable to sponsor or transfer H-1B visas at this time.


Safety is a core value for FirstEnergy and is essential to all of our business activities. We ensure employees have the tools, information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the public. Our goals are to provide a safe work environment, to maintain an accident-free, injury-free workplace, and to promote and maintain public safety. To meet these goals, we dedicate ourselves to achieving world-class safety standards.

Position Classification



FirstEnergy Human Resources Team

Nearest Major Market: Akron
Nearest Secondary Market: Cleveland

Job Segment: Cyber Security, Compliance, Emergency Management, FEMA, Manager, Security, Legal, Government, Management