Description
Job ID: 1526
Become an Application Security Engineering, Cybersecurity Advisor at Southern California Edison (SCE) and build a better tomorrow. In this job, you will serve as a member of our Cybersecurity Technology & Engineering Team.
You will be responsible for ensuring the security of our organization's software applications. You will work closely with development teams to prevent, identify and remediate security vulnerabilities throughout the software development lifecycle. Your role will involve conducting security assessments, implementing security controls, and providing guidance on secure coding practices. Additionally, you will collaborate with multi-functional teams to enhance the overall security posture of our applications and mitigate potential risks.
Focus of Role:
- Design, implement and operate Application security tools
- Provide deep technical cybersecurity domain expertise with respect to secure coding practices and application design.
- Perform security assessments of software applications to identify vulnerabilities and weaknesses.
- Develop and maintain threat models to identify and mitigate potential security risks.
- Conduct code reviews to identify security flaws and recommend remediation strategies.
- Work closely with development teams to integrate security best practices early into the software development lifecycle to ensure applications are secure by design.
- Collaborate with multi-functional teams to define security requirements and ensure compliance with industry standards and regulations.
- Provide security guidance and training to development teams on secure coding practices and techniques.
- Stay informed about the latest cybersecurity threats, trends, and technologies to continuously improve security measures.
- Participate in security architecture reviews and provide recommendations for enhancing the security of applications and infrastructure.
- Participate in security incident response activities, helping to identify, contain, and remediate security incidents.
As an Application Security Engineering, Cybersecurity Advisor, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?
Responsibilities
- Manages cyber security project delivery by ensuring the cyber security team delivers on success criteria
- Delivers project reporting for assigned projects, conducts critical analysis of project status, potential risks, and continual process improvement
- Coordinates and performs appropriate maintenance to ensure reliable and secure performance of the security systems, including applying security patches, implementing version upgrades, modifying, and improving services and performing ongoing operational management tasks
- Contributes to an overall cyber security governance strategy, standards, and operational procedures
- Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes
- Prepares and updates Plan of Actions & Milestones (POA&M) that identify security weaknesses and establishes milestones and compensates controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation
- Oversees the production of evidence to support internal and external audits
- Provides Cyber Security and risk assessments for new networks, services and devices as the need arises
- Drives periodic monitoring of audit logs in accordance with requirements, and reports findings and concerns for further analysis and action, inclusive of breach notification and initiation of incident response, in accordance with protocols and procedures
- Delivers programs and processes to reduce information security risk and strengthen SCE's security posture
- A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.
Minimum Qualifications
- Seven or more years of experience in information technology, information security and/or cybersecurity.
- US Citizenship Required.
Preferred Qualifications
- Bachelor's degree or higher in Computer Science, Information Technology, or related field.
- Four or more years of experience in Cybersecurity.
- Experience in application security, including conducting security assessments, code reviews, and implementing security controls.
- Experience and solid understanding of secure software development practices, including knowledge of common vulnerabilities such as OWASP Top 10, Verification frameworks such as OWASP ASVS, and Software maturity models such as OWASP SAMM.
- Experience with web application firewalls, penetration testing tools, vulnerability scanning tools, application analysis tools (SCA, SAST, DAST, etc.), and threat assessment tools.
- Experience and proficiency in programming/scripting languages such as JavaScript, Java, Python, PowerShell, Bash and C#, with the ability to analyze and debug code for security issues.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Secure Software Lifecycle Professional (CSSLP), Certified Application Security Engineer (CASE), Certified Application Security Professional (CASP+), Offensive Security Certified Professional (OSCP), Certified Web Application Defender (GWEB) and/or any other relevant certifications.
- Experience with secure coding standards such as CWE/SANS Top 25.
- Experience and working knowledge of cloud security principles and cloud platforms such as AWS, Azure, and GCP.
- Experience with Development tooling: IDEs, CI/CD pipelines, Version Control, Ticketing systems
- Strong understanding of basic communications protocols and networking
- Experience and working knowledge of containers and container platforms
- Superb communication and collaboration skills, with the ability to work effectively with multi-functional teams.
- Strong analytical and problem-solving abilities, with a keen attention to detail.
Contact
Southern California Edison
P.O. Box 800
Rosemead
California États-Unis
www.sce.com
From the same organization
27 May, 2025
