Skip to main content

Expert Cybersecurity IT Network Specialist

LocationConcord, California;

Requisition ID # 89904 

Job Category : Information Technology 

Job Level : Individual Contributor

Business Unit: Information Technology

Department Summary

The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. Working together with IT, we review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks.

The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesize current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources. 

Position Summary

The Expert Cybersecurity IT Solutions Engineer is a highly organized, thorough, security-minded problem solver focused on the protection of PG&E information system assets against compromise and cyber-attacks. The successful candidate will conduct, monitor, and improve network security processes and controls to facilitate regulatory compliance working closely with compliance teams, managers, team leaders, specialists, security teams and subject matter experts. This position will provide support to deliver regular NERC CIP-005compliance health status and metrics, and internal and external auditor interactions as necessary.

Qualifications

Minimum:

  • Bachelor’s Degree in computer science or job-related discipline or equivalent experience
  • 6 years’ experience in IT-Information Technology,
  • Experience with NERC CIP regulations preferably in the Network security domain

Desired:

  • IT-Information Technology Product certification, for example CCIE, CCAr, MCSE, MCSM, RHCA, RHCE
  • Understanding of network security concepts, including segmentation and defense-in-depth strategies
  • Experience with various network security tools such as but not limited to Infoblox (IPAM, DNS),Netbrain, Tufin, Skybox 
  • Experience with documenting processes and procedures
  • Strong oral and written communication skills
  • Strong analytical skills
  • Ability to work with minimal supervision in a fast-paced environment
  • Utility industry experience
  • Certified Information Systems Security Professional (CISSP) 
  • Detail oriented Experience with Palo Alto next generation firewalls
  • Experience with firewall rule automation tools such as Tufin
  • Experience with monitoring or syslog collection/analysis tools
  • Understanding of network concepts from layer 2 through 7 including NAT/PAT and application identification (Palo Alto AppID)

Job Responsibilities

  • Reviews and stays current on North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations as they apply to the Network Security domain
  • Establishes and executes Network Security domain procedures and processes in support of NERC CIP compliance 
  • Works with lines of business to execute CIP procedures in a timely manner to maintain NERC CIP compliance
  • Performs ongoing monitoring to ensure network security processes and technology solutions continue supporting NERC CIP compliance
  • Works with compliance teams to establish, test, and maintain CIP related network security controls
  • Identifies potential compliance gaps and as required follows compliance reporting processes, performs extent of condition reviews, and establishes mitigation plans
  • Investigates and addresses CIP related corrective action program (CAP) issues 
  • Works within Network security Operations and with other cross functional operations and compliance teams to ensure processes and technical solutions align to meet NERC CIP requirements, and provide requirements to update processes and technical solutions as needed 
  • Supports the development and presentation of regular status reports and metrics providing visibility to NERC CIP compliance status in the Network Security domain
  • Supports regular reviews and updates to CIP005 standards and reliability standard audit worksheets (RSAW)
  • Supports interactions with external regulatory enforcement organizations during audits or other required meetings, and internal audit teams

I'm Interested

Sign Up for Job Alerts

Note that all fields are mandatory. Please set your category and location selections prior to submitting.
By submitting your information, you acknowledge that you have read our privacy policy and consent to receive email communications from PG&E.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Concord, California, United StatesRemove