Expert DevSecOps Engineer - Customer Portfolio
Location: Oakland, California
Requisition ID # 164812-en_US
Our IT professionals are at the enterprise's core, leveraging modern technology to deliver safe and reliable energy to our customers. We use AI, the cloud, data science, and the latest tools and programming languages to solve hard, interesting problems and tackle challenges like the ever-growing threat of climate change, wildfires, and breaches of cyber security. Join us and experience the satisfaction of being a technology enabler for a company that leads the industry in innovation.
Success Profile
What makes a successful Team Member at PG&E? Check out the top traits we’re looking for and see if you have the right mix.
- Adaptable
- Collaborative
- Creative
- Curious
- Results-driven
- Thoughtful
Benefits
PG&E is proud to provide a comprehensive benefits program to help you take care of your physical, emotional and financial health. In addition to the offerings below, you can expect inclusive programs in areas such as performance recognition, training and employee development, mentoring and more.
-
Paid Time Off
Vacation, Sick Hours, Holidays, Family Leave
-
Employee Resource Groups
16 ERGs at the core of our DEIB culture that support employee development and foster business relationships
-
Professional Development
Leadership and Employee Development Courses, LinkedIn Learning, Mentoring Program and up to $8,000 for Tuition Reimbursement
-
Healthcare
Low-Cost Medical, Dental, Life/Accident/Disability Insurance and Free Vision
-
Healthcare & Dependent Care FSA
Pre-tax employee-funded accounts that cover certain out-of-pocket medical and dependent care expenses
-
Retirement Plans
401(k) Matching up to 8% AND Cash Balance Pension (no cost to you)
Job Details
Requisition ID # 164812
Job Category: Information Technology
Job Level: Individual Contributor
Business Unit: Information Technology
Work Type: Hybrid
Job Location: Oakland; Sacramento
Department Overview
Information Systems Technology Services is a unified organization comprised of various departments which collaborate effectively in order to deliver high quality technology solutions.
Position Summary
We are seeking an experienced and proactive DevSecOps engineer with expertise in Salesforce, Mulesoft platforms to join our Cybersecurity Application Platform Security Team. This role combines expertise in Salesforce, Mulesoft platforms security with a strong foundation in DevSecOps practices to ensure the ‘secure by design’, ‘secure by default’ principles throughout development, deployment, and operation of Salesforce, Mulesoft platforms. The ideal candidate will have hands-on experience with Cybersecurity platforms, with a deep understanding of Salesforce, Mulesoft cloud platforms. This position plays a critical role in assisting customer portfolio teams to secure SaaS, PaaS platforms, maintain compliance and availability.
This position is hybrid, working from your remote office and your assigned work location based on business need. The assigned work location will be within the PG&E Service Territory.
PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed between the entry point and the middle of the range, the decision will be made on a case-by-case basis related to these factors.
This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.
A reasonable salary range is:
Bay Area Minimum: $132,000.00
Bay Area Maximum: $226,000.00
Job Responsibilities
- Secure the Salesforce & Mulesoft Platform: Implement best practices to ensure Salesforce applications are "secure by design" and "secure by default," protecting sensitive data and workflows.
- Experience leveraging Salesforce out of box tools for security enforcing capabilities including but not limited to access control, encryption, threat modeling, vulnerability management and applying industry best practices.
- Provide guidelines on usage of AppExchange / Vendor products versus using out of box capabilities with keen eye for cybersecurity risk.
- Risk Identification & Mitigation: Proactively identify security risks across the Salesforce ecosystem and implement solutions to address vulnerabilities.
- DevSecOps Enablement: Drive DevSecOps practices within the organization by embedding security into the development lifecycle of Salesforce applications. Secure Mulesoft integrations with applications.
- Collaboration with Stakeholders: Partner with various customer portfolio teams to influence their roadmaps, ensuring security is a foundational element in their strategies.
- Data Security & Compliance: Ensure compliance with data protection regulations and implement robust data security measures within Salesforce and integrated systems.
- Cloud Integration Expertise: Leverage your knowledge of AWS to secure integrations between Salesforce, Mulesoft, AWS and cloud-based services.
- Continuous Improvement: Stay up-to-date on emerging threats, trends, and technologies in application security to continuously improve our security posture.
- Communication & Advocacy: Act as a trusted advisor on security matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders.
Qualifications
Minimum:
- Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
- Job-related experience in DevSecOps, DevOps or Security Engineering roles, 3 years
- Experience in IT-Information Technology products, operational processes or utility industry, 8 years
Desired:
- Strong experience with Salesforce architecture, development, and administration with a focus on platform security (e.g., profiles, roles, permissions, encryption).
- Demonstrated ability to integrate security practices into CI/CD pipelines for Salesforce applications.
- Hands-on experience with AWS services (e.g., IAM, S3, Lambda) and securing cloud integrations.
- Proficiency in data protection techniques such as encryption, tokenization, and access controls.
- Relevant certifications in Cybersecurity – SSCP, CISSP, CISM preferred
- Salesforce specific certifications like Salesforce Certified Identity and Access Management, Salesforce Certified Associate, Salesforce Platform App Builder.
- AWS certifications (e.g., AWS Certified Solutions Architect or AWS Certified Security Specialty).
- Experience with regulatory frameworks like GDPR, CCPA, or HIPAA.
Soft Skills
- Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
- Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.
#featuredjob

Jonathan A. Solutions Architect, ExpertPG&E combines an established company’s stability with the autonomy of a startup. I enjoy high levels of trust and openness among my coworkers in a dynamic environment where I’m included in important decision-making discussions. As our company evolves, I look forward to career growth opportunities ahead.
Products & Enterprise Platforms
-
Patti Poppe Becomes the First PG&E CEO to Sign the Disability: IN CEO
In signing the CEO Letter on Disability Inclusion, Poppe commits to benchmark the company’s inclusion efforts and encourages other leaders to join IN.
Learn More -
Life at PG&E
Life at PG&E
Learn More
Related Jobs
- Principal Enterprise Architect Oakland, California
- Principal IT Regulatory Analyst Oakland, California
- Expert IT Ariba Functional Analyst Oakland, California