Senior Cybersecurity IT Solutions Engineer
Requisition ID # 89334
Job Category : Engineering / Science
Job Level : Individual Contributor
Business Unit: Information Technology
The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. Working together with IT, we review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks.
The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesize current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources.
The Senior Cybersecurity IT Solutions Engineer is a highly organized, thorough, security-minded problem solver focused on the protection of PG&E information system assets against compromise and cyber-attacks. The successful candidate is responsible for planning, implementing, deploying, and maintenance of security solutions to ensure the stability and security of PG&E infrastructure for both on premise data centers and cloud deployments. They will have extensive knowledge and broad functional experience with Firewalls, AWS, ADC, IDS/IPS across a wide range of complex architectures, platforms, and mediums. This position will help in the secure deployment of network systems and help in the administration of same in a mission-critical, 24/7 environment.
This position will implement high-level designs, provide constructive feedback and input to architects and update operations documentation for any new configurations or procedures resulting from changes to production environments. Additionally, there is responsibility to document all work for metrics and billing reporting using a designated change management or request system.
This role will work from your home office through the end of the year. Once a responsible return to the office is identified the work location could be in either Sacramento or Concord.
- BA or BS degree in Computer Science, Engineering, Business or related discipline or equivalent experience
- 5 years of network engineering design, operations, and/or technical project implementation experience
- Extensive experience in network security and network engineering concepts in the cloud such as AWS
- Experience with various network security tools such as Infoblox (IPAM, DNS), Cisco ISE, PRTG, Netbrain, Tufin, Skybox Experience in Network monitoring and troubleshooting techniques, including SNMP monitoring tools, packet sniffing, protocol analysis and bandwidth utilization.
- Understanding of network security concepts, including segmentation and defense-in-depth strategies
- Ability to create VLANs, routes and configure network interfaces on switches, routers, and firewalls to facilitate the building of DMZs and create network segmentation
- Ability to troubleshoot and pinpoint network issues outside of firewalls
- Understanding of network concepts from layer 2 through 7 including NAT/PAT and application identification (Palo Alto AppID)
- Experience with Palo Alto next generation firewalls
- CISSP or other industry standard network security certification
- Experience in the Utility Industry and meeting audit requirements for NERC and WECC
- Experience with Application Delivery Controllers (preferably F5)
- Experience with Cyclades or other serial console terminal servers
- Working with project teams to configure and install firewalls
- Build and maintain network topology to drive security model and enterprise zone security strategy
- Participate in data calls and other operational and maintenance tasks.
- Assist with technical issues, project management, design, analysis, and implementation of network security solutions as needed.
- Develop and execute mitigation plans for technical issues.
- Prepare periodic maintenance plans and comply with change management procedures.
- Maintain detailed knowledge of company network and technology standards.
- Work closely with other IT groups to ensure systems are maintained in an efficient manner, and communicate all issues, changes, outages, and maintenance in accordance with processes, procedures, and policies.
- Responsible for technical support and administration of critical infrastructure network components (e.g., firewalls, wireless controllers, VPN, etc).
- Work cross functionally with Architects, Solutions Engineers, and Project Managers to meet aggressive project deadlines.
- Available to be on call to support the business 24x7 when required