Senior Critical Infrastructure Security Specialist

Requisition ID # 169492 

Job Category: Real Estate / Facilities 

Job Level: Individual Contributor

Business Unit: Information Technology

Work Type: Hybrid

Job Location: Oakland

Department Overview

The Corporate Security function is led by PG&E’s Senior Director and is responsible for security and risk management across the organization. The Corporate Security Department partners with Cybersecurity and other functional areas and is responsible for the physical security and risk management of all PG&E assets and resources. The Critical Infrastructure Protection and Compliance team ensures the physical protection and compliance of the company’s critical assets for Electric, Power Generation and Gas functional areas.

Position Summary

The Senior Critical Infrastructure Security Specialist is responsible for physical security and compliance regulations related to standards and guidelines provided by agencies such as FERC/NERC/WECC, CPUC, TSA, or DOT. In this role, you will manage complex issues with minimal supervision, conduct threat and vulnerability assessments, security, and compliance audits at critical assets, and serve as a main point of contact and SME for assigned regulations and facilities across PG&E’s territory.

The position will require verification of physical protection system performance, recommend improvements, conducts in-depth compliance analysis and periodic penetration testing. Documentation requirements include the writing of complex threat and vulnerability assessments, mitigation plans, security plans, compliance artifacts, procedures, training material, and compliance reports. You will develop strong partnerships with internal/external stakeholders and respond to emergency events as needed. You may also respond to physical security related issues, provide audit or financial testimony, requests for information, emergency planning, and incident response.

The headquarters location is in Oakland but may be flexible with other work locations. Extensive travel is required within PG&E territory and may require weekend and after-hours support.

Disclosure:

PG&E is providing the salary range that can reasonably be expected for this position at the time of the job posting. This salary range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, internal equity, specific skills, education, licenses or certifications, experience, market value, and geographic location. The decision will be made on a case-by-case basis related to these factors.​ This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.

Pay Range display:

Bay Area range $102,000 - $139,700/year

CA range $97,000 - $133,100/year

Job Responsibilities

• Conducts complex physical security surveys, conducts complex threat and vulnerability assessments, risk mitigation, and site-specific security plans.
• Main liaison for all security and compliance related matters for assigned area of responsibility, including security operation center, solutions delivery, and internal/external business partners.
• Trains career-level specialists on conducting complex threat and vulnerability assessments, risk mitigation, and site-specific security plans.
• Assists in updating documents as necessary in compliance regulations and company standards.
• Builds and maintains strong working relationships with key internal/external compliance points of contact, relationships with CSD partners, Functional Areas (FA), and law enforcement.
• Partner with Project Delivery Team and business partners (FAs) to complete all upcoming projects requiring compliance controls and security integration.
• Work with external clients (i.e., security service vendors and private security organizations) on various projects to ensure that alarms, access controls, intrusion detection, and camera equipment are operational and effective for the intended purpose.
• Work with internal clients, project managers, security operations center, and IT network support on projects.
• Provide technical support to Corporate Security Department (CSD) Investigative Unit and Emergency Planning groups.
• Respond and support emergency events throughout the PGE territory.
• Assess existing security practices and systems, compliance obligations, identify deficiencies and recommend solutions to management.
• Conduct site surveys and physical security assessments at PG&E facilities.
• Prepare written and verbal reports identifying security gaps and provide recommendations for alternative security measures.
• Where applicable, ensure that post order requirements and expectations for sites in areas of responsibility are being met.
• Ensures the safety and security of assigned facilities by assessing vulnerabilities in physical security protection (i.e., physical access, video systems, and locks) and perform site penetration testing.
• Responds to security incidents at assigned facilities and identifies and executes appropriate response to security issues.

Qualifications

Minimum:

• High school diploma
• 6 years of related military, law enforcement, or corporate security experience or relevant security experience.
• Ability to pass and maintain NERC/CIP background check
• CA Driver’s license or ability to obtain by first day of hire
• Frequent travel over a large territory
• Must attain ASIS PSP or CPP certification within 3 years of hire
• Fluency in MS Office applications

Desired:

• BA or BS in criminology, criminal justice, or similar field of study
• Ten (10) years of related military, law enforcement, security technology, or relevant experience
• Five (5) years background in Critical Infrastructure Protection or counter terrorism with a utility or Government Agency under federal, state, or local requirements
• ASIS certified Physical Security Professional (PSP) or Certified Protection Professional (CPP)
• Experience with physical security protection systems/ civil and technology solutions
• Experience implementing and maintaining FERC/NERC/CPUC/TSA or DOT security regulations
• Previous experience working for a utility in a related field for electric, hydro, or natural gas
• Business acumen, problem solving, change management and comfortable with ambiguity
• Project management experience regarding security installation processes
• Compliance investigations, audits and providing oral or written testimony
• Ability to build and maintain strong partnerships across various internal and external groups
• Strong presentation and facilitation skills
• Strong oral and written communications skills
• Experience managing the physical security of a large, multi-site enterprise
• Experience acting as Law Enforcement liaison
• Ability to shift priorities and multitask
• Must be able to do frequent lifting and/or moving up to 10 pounds, occasional lifting and/or moving up to 25 pounds; carry up to 35 pounds of equipment on person daily; and do additional lifting and/or moving ability as required by the job