Job Description
Join the Clean Energy Revolution
You are inspired to be part of a team that is a thought partner to the business, and a champion of change to help to shape the future of the next generation energy company? Become a Cybersecurity Engineering, Senior Manager in our Cybersecurity Engineering, Risk and Governance organization at Southern California Edison (SCE) and build a better tomorrow.
As one of the nation's critical utilities, our electric infrastructure requires constant vigilance and innovation. We depend on our dedicated, curious, problem-solving cybersecurity and IT teams to protect these assets and help build our clean energy future. Every day at SCE, you will handle unique and complex challenges and be empowered to improve our defenses. You'll create innovative programs to protect our key electric infrastructure against threats, energize our transformation, and drive growth. We know that a multi-layered strategy is key to combating cyber threats.
In this job, you'll develop and implement strategies to create new processes, standards, and operational plans to improve SCE's cybersecurity posture. Develop a cybersecurity team of SMEs to drive a robust cybersecurity risk management, engineering, testing, and architecture framework throughout SCE. Guide the team, in coordinating with Operating Units (OUs) across the company to ensure that cybersecurity controls are part on any software and system development lifecycle whether across IT and OT networks. Additionally, your team will work to verify and help remediate risks, exceptions, and standards and establish monitoring capabilities to defend against and respond to cyber threats as they arise. Your contributions will directly protect critical energy infrastructure as SCE continues to modernize the grid through digital means.
As a Cybersecurity Engineering, Senior Manager, your work will help power our planet, reduce carbon emissions, and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?
A day in the life - Get ready to think big, work smart and shine bright!
- Manage and develop a team of Cybersecurity SME, programs, and budgets to meet strategic goals and operational needs. Make, recommend, and/or approve employment decisions (e.g., hiring, promotion, appropriate pay, rewards/recognition, succession planning and termination). Guide employee performance for both direct and/or matrixed reports. Establish performance expectations and goals aligned with Company objectives, policies, and procedures. Lead, train, and develop staff by providing timely feedback, mentor and support.
- Ensure team members take ownership & accountability of assigned areas of responsibility and effectively lead workload to meet team deliverables and target dates.
- Establish strategic priorities, new processes, standards, and operational plan that ensure SCE's Cybersecurity Department contributes value to OUs through agility, teamwork, and strategic alignment.
- Lead cybersecurity standards and architecture conversations and solutions with enterprise architecture, IT/Ops, Grid Services, and other teams within SCE.
- Work with the business on effective risk mitigation plans and address matters requiring executive intervention and decision making.
- Implement corporate wide cybersecurity risk management practices in line with defined strategy and governance.. Review key cybersecurity reporting metrics across the business. Provide input to the risk management strategy, both short and long term, based on changing threat and SCE information security environment.
- Responsible for engaging with business leaders, on risk matters ranging from policy and governance to security operations. Provide administrative and tracking actions/collaboration activities. Lead and ensure coordination and consensus with other cybersecurity teams to align processes and procedures to ensure a common approach to risk management activities.
- Deconstruct complex security processes and solutions to identify relevant risk areas, potential control points, and provide sound recommendations for risk treatment.
- Deliver and report key metrics to provide collaborators situational awareness regarding risks, vulnerabilities, and vulnerability remediation timelines.
- A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.
The essentials
- Five (5) or more years of experience managing or leading an organization/unit of direct reports, or serving as a project manager for the successful implementation of Cybersecurity programs.
- Five (5) or more of experience in Cybersecurity, Risk Management, Incident Response, Threat Analysis, Engineering, and/or development, maintenance, and implementation of enterprise cybersecurity policies and standards.
The preferred
- Bachelor's Degree or higher in Engineering, Computer Science, Information Systems, or related field of study.
- Five (5) or more years of experience in leading cybersecurity programs.
- Experience in analysis, design, and implementation of industry-standard information security programs on mainframe, mid-range, network, and distributed computing environments.
- Experience in development of strategic information security plans, policies, procedures, and controls, and extensive experience in regulatory compliance, up to and including, external and internal audits.
- Experience in design and implementation of security systems, common services, governance, programs, administrative functions, and energy systems, as well familiarity with security in-depth practices in information classification, forensics investigations, incident response and tracking, and risk management and assessment methodologies and programs.
- Experience and working knowledge of Information Security standard methodology such as NIST 800 series, ISO 27000 series, ISA, or COBIT.
- Experience and working knowledge of change management process such as Agile, ITIL, Six Sigma, or MSF.
You should know
- This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to reside in the state of California. Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.\\
- Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!
- This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.
- The primary work location for this position is Rosemead, CA however, the successful candidate may also be asked to work for a period out in the field throughout the SCE service territory.
- Position may require up to 5 - 10% traveling between alternate SCE work location sites.
- Relocation may apply to this position.
- Candidates for this position must be legally authorized to work directly as employees for any employer in the United States without visa sponsorship.
- US Citizenship required as part of Critical Infrastructure security protocols.
- Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
Southern California Edison
P.O. Box 800
Rosemead
California États-Unis
www.sce.com