Senior Cybersecurity Solution Analyst
Requisition ID # 89114
Job Category : Information Technology
Job Level : Individual Contributor
Business Unit: Information Technology
The PG&E Cybersecurity organization is a dynamic group of security professionals, working to protect our critical assets, highest risks, adapting and growing to meet the challenges from ever-evolving adversaries. The Cybersecurity Risk Management department within the boarder organization focuses on identifying risks, helping partners reduce or mitigate risks, developing initiatives to protect PG&E from cyber-attacks, and engaging with other stakeholders to continually improve PG&E’s security posture. The department provides governance and direction of initiatives to safeguard PG&E’s cyber-assets, working hand in hand with key partners, as well as technical and engineering experts in PG&E’s lines of business. The department performs projects, vendor, and production systems risk assessments to ensure PG&E deploys and manages technology platforms that meet our security standards and regulatory requirements.
The Cybersecurity Risk & Strategy team focuses on identifying risks, helping partners reduce or mitigate risks, developing initiatives to protect PG&E from cyber-attacks, and engaging with other groups to continually improve PG&E’s security posture. As part of the Risk & Strategy Cybersecurity Consulting team, you will concentrate on PG&E efforts related to evaluating cybersecurity projects across the enterprise.
Primary, you will conduct risk assessments on new/existing systems and devices (i.e., firewalls, routers, switches, etc.), and operating systems. You will engage/coordinate with project managers/teams, IT/Cybersecurity peers, and subject matter experts across PG&E, to ID threats, recommend strategies/processes to harden technology assets before deployment.
The position will work from your home office (within CA) for the remainder of this year. Once a return to the office is identified, you may need to report into the office as business needs may require. Work locations can be Concord, San Ramon, Oakland, or Sacramento.
- B.S. degree in Computer Science, Information Systems, or other related field, or equivalent experience
- 3 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience
- Master’s Degree in Computer Science or job-related discipline or equivalent experience
- Utility industry experience
- Experience in IT-Information Technology security, multi-platform, or related
- Experience in Operational Technology security
- ComITIA Security +, SANS, Cisco, GIAC, Microsoft Security, or equivalent Certificates
Knowledge, Skills, and Abilities:
- Knowledge with Microsoft Office, Remedy, SharePoint, Security tools
- Self-motivated with strong attention to work quality and research driven
- Results driven and customer focused with effective communication to peers and clients
- Able to balance workload and competing priorities of the business while maintaining a customer focus
- Multi-Platform knowledge (UNIX/LINUX, Windows Servers/Desktops, Cisco hardware, etc.)
- Ability to influence and lead behavior change
- Competency in making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems
- Competency in making good and timely decisions that keep the organization moving forward
- Competency in developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
- Competency in building partnerships and working collaboratively with others to meet shared objectives
- Ability to energizes coworkers to maintain a positive attitude towards the team and the business directions
- Strong analytical, critical thinking and decision-making skills
- Ability to lead and manage cross-functional compliance projects and initiatives
- Ability to guide and direct junior team members
- Establish and implement strategic communication and messaging plans and ensures alignment and consistency with PG&E branding principles, strategies, and guidelines.
- Develop consulting practice documentation, identifies, and recommends process improvement, and provides guidance to other team members.
- Design of technology solutions supporting business requirements on projects.
- Drive security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle.
- Actively engage with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology projects.
- Actively recommend engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cyber security risks.
- Lead implementation of process improvements and efficiencies.
- Provide peer review and support for organizational deliverables.
- Facilitate / coordinate Cybersecurity activities associated with 3rd party and vendor work efforts.