
Senior Cybersecurity Product Specialist - Security Intelligence & Event Monitoring

Date posted 10/09/2020

Requisition ID # 68880 

Job Category : Information Technology 

Job Level : Individual Contributor

Business Unit: Information Technology

Job Location : Oakland; Sacramento; San Francisco; San Ramon

Department Summary

The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. The Cybersecurity team consists of security professionals in their chosen disciplines, including:

  • Cybersecurity Services
  • Risk & Strategy
  • Security Intelligence & Operations
  • Compliance

Working together, we review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks.

The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesize current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources.

Position Summary

The Senior Cybersecurity Product Specialist will work closely with Managers, Project Managers, team leaders, specialists, security teams, and subject matter experts. This position maintains, analyzes, develops and delivers Security Intelligence and Event Management solutions. This position will work closely with our Lines of Business and Security Intelligence Operations Center (SIOC) and be responsible for maintaining and maturing our SIEM Operational program. Primary responsibilities consist of the day-to-day operations and maintenance/support of our Cybersecurity Infrastructure technologies. This position is responsible for troubleshooting complex problems across multiple Operating Systems (Windows Desktops, Windows Servers and Linux) and Environments.

The role will work from your home office through the end of the year. Once a return to the office is identified, the work location can be flexible in Sacramento, San Ramon, Oakland or San Francisco.

Qualifications

Minimum:

  • AA/AS in Computer Science or job-related discipline or equivalent work experience
  • 4 years of IT/Cybersecurity technical experience
  • Administrative experience and technical knowledge in Cybersecurity product support such as: IBM QRadar, XSOAR, OpenText EnCase

Desired:

  • Bachelor of Science in Computer Science or job-related discipline
  • Able to follow Safety First principles
  • 6+ years of relevant technical experience
  • Experience with Security Information and Event Management products
  • Experience in QRadar administration and support
  • Achieve positive results with multiple projects/efforts running simultaneously
  • Scripting experience for automation
  • Familiar with one or more security controls/risk management frameworks (ISO, NIST, etc.)
  • Understanding of risk and security controls
  • Understanding of network protocols, enterprise architecture, and common network logging functions
  • Critical thinking, active listening, and analytical skills with aptitude for tactical solutions that are forward thinking
  • Self-motivated
  • Solid communication skills and ability to interact with clients
  • Skilled at being a team player
  • Energizes coworkers and maintains a positive attitude towards the team and the business directions

Job Responsibilities

  • Responsible for the Operational management, advanced configuration, monitoring, and reporting of multiple Intelligence and Event Management products
  • Respond immediately to security incidents and provide post-incident analysis
  • Participate in a 24x7 on-call rotation
  • Defend systems against unauthorized access, modification and/or destruction
  • Document and manage Cybersecurity process, procedures, policies, control documentation, etc.
  • Train peer employees in product support, security awareness, protocols and procedures
  • Collaborate with stakeholders and partner teams on the planning, implementation, and rollout of cyber programs and solutions
  • Partner with the groups within Information/Business Technology and the Security Intelligence Operations Center (SIOC)
  • Partner with Cybersecurity, Compliance teams, and other key stakeholders to alert or resolve the detected anomalies
  • Facilitates/Leads Root Cause Analysis
  • Research and recommend security controls and tools upgrades
  • Mentors and trains the support staff and others on the targeted product(s) or service(s)
  • Introduce new innovative solutions that enhance the existing capabilities of the product(s) or service(s)
  • Develop methods of automation and optimization
  • Partner with peers in the accountable planning organization to develop the strategic vision and understand how it applies to the targeted products or services
  • Understand the industry’s product positioning, the product’s key benefits, and the product’s targeted users
  • Partner closely with the vendor to influence the product’s future capabilities
  • Work closely with cross-functional teams to troubleshoot and resolve complex operational issues
  • Drive conventions and standards (such as usage or configuration) across multiple products to maximize user experience
  • Act as third-tier support specialist to other IT professionals for escalated operational issues
