Description

Primary Purpose

The Senior Cybersecurity Specialist runs cybersecurity capabilities and technologies with a core emphasis on Cybersecurity awareness and training. Develops, facilitates, implements, and communicates to the corporate audience Information Security goals, policies, and procedures to minimize security risks to the Company. Develops companywide awareness messaging regarding Information Security best practices with respect to business activities and security threat alerts. Advances Information Security and business operations. Leads information security awareness planning, including the development of corporate wide annual Information Security training and an annual communications and corporate outreach plan. Assesses and evaluates on an ongoing basis the effectiveness of the awareness program against corporate and the Information Security goals. Works closely with IT and organizational leaders and technical experts, on a wide variety of security issues that require an in-depth understanding of the respective organizations, their practice and processes associated with security and information handling. Develop and/or maintain a Cybersecurity Advocacy group. Ability to work with technical vendors/partners from contract to implementation to that contribute to a successful Cybersecurity Awareness program. Develop companywide Cybersecurity events including booking of speakers, audio/visual, catering options and content. Proficiency in or the ability to learn to create/develop and execute Phishing campaigns for all employees as well as create & monitor Cybersecurity Risk-related data analytics & metrics and create data visualizations and reporting. Proficiency in the following tools(desired): Phish Alarm, Phish Analyzer, Proofpoint/Wombat, BOT (automation process) and SharePoint.

Duties and Responsibilities

Develop strategies to reduce corporate risk by creating and implementing company-wide information security awareness and information security training programs, including the development of an annual Security Awareness Plan.
Raise the general level of awareness of information security by providing ongoing outreach using all company communications methods (i.e., articles, town hall and lunch and learn events, presentations to employees, etc.), issue cybersecurity alerts as needed, and train employees in more depth on information security concepts by developing a corporate wide employee training program that consists of a web-based training module deployed annually.
Create and execute monthly phishing campaigns.
Produce monthly data/metrics driven phishing reports.
Provide advanced support for area of responsibility by using knowledge of both Information Security concepts, communications and awareness concepts, overall corporate business goals as well as senior management Information Security goals.
Foster growth in security awareness by investigating, researching and identifying new awareness areas for the program in order to enhance the company security practices with the goal of minimizing the overall security risk to the company; provide guidance and training to and act as a mentor for junior members of the team.
Perform documentation review and enhancement, including the review Information Security team materials for external presentations and speaking engagements.
Assist in monthly employee reward t-shirt mailing program.
Performs other duties as required.

Qualifications

Education

Bachelor's degree in Cybersecurity, Information Systems, Software Engineering, Computer Science, related field or equivalent training and/or experience. Required

Licenses and Certifications

CISSP, CISA, SANS. Preferred

Experience

5 years of experience in:

Developing, facilitating, implementing, and communicating training material, policies and information to a corporate audience.
Progressive experience working within IT and/or enterprise cybersecurity with experience in cybersecurity process, risk assessments, governance, and/or maintaining operational systems.
Experience working within a team or independently with minimal supervision on multiple simultaneous task.

3 years of experience:

Familiarity with cybersecurity technologies and concepts including experience and
knowledge of NIST 800-50.
Proficiency in creating/developing/executing Phishing campaigns for all employees and
producing metrics. Proficiency in the following tools: Phish Alarm, Phish Analyzer.
Experience in establishing metrics and measurements demonstrating program effectiveness.

Read the full posting.

Contact

Sempra

101 Ash St

San Diego

California United States

www.sempra.com

From the same organization

Senior Cybersecurity Auditor (Hybrid) - Sempra

18 Jul, 2024

Tax Analyst (Hybrid) - Sempra

18 Jul, 2024

Senior Business Analyst (Hybrid) - Sempra

18 Jul, 2024

MORE

Senior Cybersecurity Specialist

EDP RENEWABLES NORTH AMERICA
EDP Renewables Celebrates its First North Carolina Solar Park
North Carolina marks the 18th U.S. state where EDPR NA operates a utility-scale renewable energy project.

LS POWER
U.S. Department of Energy Selects LS Power's SWIP-North Project for the Transmission Facilitation Program

IBERDROLA
Iberdrola and Norges Bank Investment Management conclude negotiations to expand alliance to 2,500 MW of renewables in Iberia

NATURAL POWER
Natural Power supports BlackRock's acquisition of solar and storage projects from Excelsior

FIRSTENERGY
New FirstEnergy Foundation Volunteer Center Gives Foodbank Volunteers a Place to Shine

3RD V2G BUSINESS, POLICY & TECHNOLOGY FORUM

2024 LEADERSHIP CONFERENCE FOR WOMEN IN ENERGY - CANADA

NON-WIRES ALTERNATIVES (NWA) AND FUTURE GRID INNOVATIONS

IRP BEST PRACTICES SUMMIT

2024 API PIPELINE CONFERENCE AND EXPO: PIPELINE, CONTROL ROOM AND CYBERNETICS

Private zone

Privacy

Press

Subscription

Senior Cybersecurity Specialist

Private zone

Privacy

This website uses cookies