Cybersecurity Solution Analyst, Expert
Job Posting Date: July 19, 2017
Requisition #: 54172348-E01
Job Category: Information Technology
Job Level: Individual Contributor
Employment Type: Management
Business Unit: Information Technology and Supply Chain
City: San Francisco
Based in San Francisco, Pacific Gas and Electric Company, a subsidiary of PG&E Corporation (NYSE:PCG), is one of the largest combined natural gas and electric utilities in the United States. And we deliver some of the nation’s cleanest energy to our customers in Northern and Central California. For PG&E, ‘Together, Building a Better California’ is not just a slogan. It’s the very core of our mission and the scale by which we measure our success. We know that the nearly 16 million people who do business with our company count on our more than 24,000 employees for far more than the delivery of utility services. They, along with every citizen of the state we call home, also expect PG&E to help improve their quality of life, the economic vitality of their communities, and the prospect for a better future fueled by clean, safe, reliable and affordable energy.
Pacific Gas and Electric Company is an Affirmative Action and Equal Employment Opportunity employer that actively pursues and hires a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, age, religion, physical or mental disability status, medical condition, protected veteran status, marital status, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information or any other factor that is not related to the job.
The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. The Cybersecurity team consists of security professionals, each with multiple years of experience in their chosen discipline:
- Cybersecurity Risk & Strategy
- Cybersecurity Project Management
- Policy, Compliance Management, Training, & Awareness
- Risk Monitoring & Incident Management
- Control Assessment & Verification
- Business Planning & Control
The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Cybersecurity’s methodology and framework synthesizes current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources.
The Cybersecurity Solution Analyst provides cybersecurity risk consulting services to the product owners from the lines of business and the project delivery teams to ensure the safe and secure delivery of technologies through the identification, documentation and implementation of security controls and sound cybersecurity practices, in accordance with organizational standards and processes.
This role will engage with project teams and support the delivery of business and operational technologies in one or more assigned lines of business, getting a front-seat view into a real-life version of the Internet of Things while contributing to a rapidly growing team with extensive leadership support to strategically manage risk and proactively adapt to evolving threats and business needs.
Although San Francisco, CA, is the headquarters and preferred work location, San Ramon, CA may also be considered as an alternate work location.
- B.S. degree in Computer Science, Information Systems or other related field,or equivalent year work experience
- Minimum of 6 years of experience in IT, critical infrastructure, intelligence, and/or cybersecurity information security
- Ability to travel up to 10% to meet the needs of the business
- M.S. or M.B.A. degree in business administration, computer science, or equivalent preferred
- Experience with data protection and/or application security
- Experience with Palo Alto, Tripwire, QRadar or other firewall/network/software
- Knowledge of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
- IT security products and technolog
- Cyber/information security management policies, procedures, regulations and governance processes, Information Systems/Network Security, System Security Analysis, Information Assurance Compliance
- Knowledge of risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems
- Understanding of computer networking concepts and protocols, and network security methodologies
- Demonstrated problem analysis and decision-making skills
- Ability to communicate and convey complex IT/OT technical security related concepts to business and technology teams
- Ability to influence and work with and across all levels within the business
- Excellent written and verbal communication skills required
- Ability to perform complex tasks using established policies, procedures and guidelines as reference
- Leads technology assessments to understand capabilities of required systems or networks.
- Identifies and recommends cyber strategies for technology development based on stakeholder requirements.
- Drives security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle.
- Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules.
- Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation.
- Owns and documents the implementation of the security controls and creates auditable evidence of security measures.
- Actively recommends engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cybersecurity risks.
- Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement.
- Actively engages with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology projects.
- Provides peer review and support for organizational deliverables.
Pacific Gas and Electric Company
There are approximately 20,000 employees who carry out Pacific Gas and Electric Company's primary business—the transmission and delivery of energy. The company provides natural gas and electric service to approximately 15 million people throughout a 70,000-square-mile service area in northern and central California.
- Service area stretches from Eureka in the north to Bakersfield in the south, and from the Pacific Ocean in the west to the Sierra Nevada in the east
- 141,215 circuit miles of electric distribution lines and 18,616 circuit miles of interconnected transmission lines
- 42,141 miles of natural gas distribution pipelines and 6,438 miles of transportation pipelines
- 5.1 million electric customer accounts
- 4.3 million natural gas customer accounts
energy, utility, power, gas, electricity
Company Type: Public Company
Company Size: 10,001+