Primary Purpose:
The Senior Domain Engineer - Cybersecurity - Forensics & Insider Threat will conduct security investigations aimed at identifying, resolving, and preventing complex and diverse insider threats and violations. The engineer gathers and analyzes evidence, using a variety of forensics tools and processes to recover key data from multiple digital sources (e.g., hardware, USB drives, cloud repositories), assesses security vulnerabilities to protect the company and its customers, and provides forensics expertise in legal proceedings.
Duties and Responsibilities:
- Employ a variety of forensics tools and techniques to investigate complex and diverse insider threats and policy violations; coordinate appropriate notifications / escalations; gather and handle evidence; recover and examine data from computers, storage devices, cloud repositories, etc.; rebuild damaged systems to recover data.
- Conduct sophisticated assessments of security vulnerabilities and protocols to ensure the continuing development of security protection technology as it relates to defending and protecting the company and its customers; communicate information to relevant stakeholders in a timely and persuasive manner; collaborate with other IT teams, management, and vendors to address threats and minimize risk.
- Provide digital forensics expertise to internal and external parties; draft technical reports, assess evidence, and provide testimony in court proceedings; observe appropriate evidence custody and control procedures.
- Review security violation reports and investigate possible policy exceptions; identify additional systems or networks at risk by insider threats.
- Provide guidance, direction, and mentoring to junior engineers.
- Provide limited day to day network and system administration and maintenance to digital forensic systems.
- Perform other duties as assigned (no more than 5% of duties).
Qualifications
Education:
- Bachelor's Degree in Information Systems, Software Engineering, Computer Science, a related field, or equivalent training and/or experience required.
Experience:
- 5 years of progressive experience working within IT and/or enterprise cybersecurity, with experience in cybersecurity processes, risk assessments, and troubleshooting of systems.
- 3 years of experience working with cybersecurity and technology, with experience in endpoint security, network security, risk management, and/or application security. Significant experience performing vulnerability assessments and/or remediating security vulnerabilities, and developing security capabilities.
- 5 years of experience with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) or a Risk Management Framework (RMF) such as NIST SP 800-53.
- 3 years of experience with hands-on development and programming of software and systems.
- Must reside in Southern California or be willing to relocate upon hire.
- We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office two to three days per week and work remotely on the remaining workdays.
Knowledge, Skills and Abilities:
- Cybersecurity Acumen - Knowledge of cybersecurity design and architecture (application, data, and technical), with an understanding of how systems and processes work together as aligned to business and IT imperatives.
- Cybersecurity Engineering - Ability to deliver holistic support to secure systems, identifying threats and vulnerabilities in systems and applications, creating security applications and solutions, designing for resiliency and security to enhance security capabilities protecting data from theft, compromise or attack.
- Cybersecurity Risk Assessment - Ability to evaluate existing systems and solutions for security risk and vulnerabilities, designing solutions and systems that provide quality and traceability of risk data and analytics to inform security recommendations.
- Application Security - Ability to define and operate secure application programs, as well as perform security reviews and tests of applications to meet security and compliance requirements while minimizing the risks of losses through exploitable security defects in applications.
- Vulnerability Management - Ability to perform security reviews and tests to meet security and compliance requirements while effectively minimizing the risks of losses through exploitable security vulnerability.
- Network Security Skills - Ability to deliver network security services by preventing unauthorized access to network resources (data and voice systems), managing network security related incidents, and providing ongoing services to maintain network security operations functions (firewalls, DMZ, corporate LANs, etc.).
- Identity and Access Management - Knowledge related to design and delivery of solutions for establishing user, applications and device credentials and processes for applying those credentials to access enterprise systems and applications.
- Development Languages - Knowledge and understanding of one or more IT programming languages and database architectures, and ability to write code and develop applications using those languages.
- DevSecOps Practices - Strong understanding of automation and security concepts and processes (e.g., test automation, code coverage, DevSecOps, Continuous Integration / Continuous Delivery (CI/CD) pipelines, etc.), and ability to drive the integration of development, operations, and security into enterprise software development preferred.
- Software Delivery Frameworks - Strong knowledge of delivery frameworks such as Agile Scrum, Kanban, and/or Software Development Lifecycle (SDLC); proven ability executing projects in a collaborative, fast paced environment preferred.
- IT Service Management - Ability to manage IT services lifecycle (service strategy, design, transition, operation, continuous service improvement) and use DevOps methodology and tools to analyze results preferred.
Licenses and Certifications:
- Forensics certification (e.g., EnCase, FTK, Axiom) required.
Other Qualifications:
- May require work outside of normal business hours and/or 24/7 response availability for system and application maintenance, enhancements, production releases and/or operational emergencies.
Sempra Energy
101 Ash St
San Diego
California United States
www.sempra.com