Southern California Edison Security Engineer in Alhambra, California
ENERGY FOR WHAT’S AHEAD
Are you looking to make a difference in your career? We’re working on smarter grids, cleaner energy and tools to help people manage energy more efficiently.
About Information Technology at SCE
The role of IT goes beyond the traditional Information Technology “service provider.” Many of the innovative ideas and projects that shape the company’s future and move SCE forward are dependent on technology. IT employees are at the heart of these projects, collaborating, designing and executing technology solutions that are transforming our industry.
This position is part of Southern California Edison’s Grid Security Operations Center (GSOC) organization supporting SCE’s internal data network which connects and sustains the Bulk Electric System. The GSOC team also supports escalated incidents for SCE’s corporate IT infrastructure, and is a 24x7x365 operations business unit. SCE’s complex network generates a constant stream of challenges which requires employees to be continually innovative to accommodate an evolving set of technologies. Keeping the network reliable ensures that SCE continually powers Southern California.
The primary function of this position is to provide security monitoring and promote availability by responding to security events and possible incidents, and to minimize adverse impact to business operations by:
Performing accurate and meticulous real-time security event analysis with security monitoring systems, security devices such as network security infrastructure (multivendor firewall, device posturing, secure authentication and authorization servers, intrusion prevention systems, network packet analysis, vulnerability assessments, network asset-management, incident response, machine generated log analysis, log retention, and network anomaly detection and alerting) and through document repositories.
Logging all incident details, allocating categorization and prioritization codes to properly escalate and meet client service level agreements, and escalating incidents that cannot be resolved within agreed timescales.
Communicating with clients to provide incident progress and notifications.
Preventing security incidents through proactive event monitoring and interrogating Grid and IT enterprise systems.
Maintaining an awareness of constant change occurring in the network, systems and application areas to facilitate the identification, analysis, and resolution of potential problems before they are visible to the client.
Enforcing monitoring requirements prior to deployment of new IT infrastructure.
Participating in creating knowledge articles for handling monitoring exceptions.
Partnering with technology owners to maintain an ongoing support model, documentation, and knowledge for IT infrastructure.
Strong communication and negotiation skills are critical when working closely with clients and system engineers to correct issues quickly. Helps strengthen relationships with key clients to provide continual business improvements. The individual is expected to review and make recommendations for process improvement. Recommends and conducts system planning for alternate methods to improve operational support and system quality. The individual will receive general instruction on new systems and procedures. Assists in the development of standards and procedures on new technologies, to be reviewed by peers and Management. Maintains a positive working relationship with peers and vendors in order to obtain optimum service and may provide functional direction to other technical personnel.
Responsible for providing security monitoring services to internal clients by gathering security events from Security Information Event Management (SIEM), security devices and appliances, network devices and computers in SCE Grid and Enterprise network.
Review, analyze and consult with Cybersecurity and IT support personnel to ensure effective and efficient operational procedures.
Maintain an awareness of changes occurring in the network, systems and application areas.
This position will require making knowledgeable decisions on Security Event/Incident Management techniques, and coordinating and implementing solution(s) that meet business unit needs and promote IT standards and processes.
3 years of experience with Network technology support on troubleshooting network connectivity issues for end devices.
2 years’ experience in a Security Operations Center (SOC), or Tier 2 support/analyst role supporting a large enterprise company’s network/security systems and/or infrastructure and providing performance analytics or related functions.
2 years’ experience configuring, tuning, and performing in-depth analysis in Security and Security related tools.
2 years of experience using strong communication skills both verbally and in writing to peers, tiered support and our user community.
Bachelor's Degree in Information Security, Computer Security, Network Technologies or Information Technology/Information Systems.
Security+, CISSP certification, GSEC: SANS Security Essentials.
3 years of experience in the field performing analysis or related functions and providing recommendations.
4 or more years’ experience working in Networks and IT.
3 or more years’ experience configuring, tuning, and performing in-depth analysis in Security and Security related tools.
3 or more years’ experience with real-time event analysis.
Familiarity with Splunk Enterprise Security (ES) SIEM to perform event monitoring of the environment.
Familiarity with Host Based security tools and technologies and monitoring.
Familiarity with technologies such as Firewalls, Intrusion Detection/Prevention and Vulnerability Management, and Security Monitoring.
Recognized internally as an expert in the field.
Candidates for this position must be legally authorized to work directly as employees for any employer in the United States without visa sponsorship.
Relocation does not apply to this position.
There are 2 vacancies for this posting.
This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining unescorted access to assigned work location and performing necessary job duties.
Southern California Edison, an Edison International (NYSE:EIX) company, serves a population of nearly 14 million via 5 million customer accounts in a 50,000-square-mile service area within Central, Coastal and Southern California. Join the utility leader that has been safely delivering reliable, affordable electricity to our customers for over 125 years.
SCE is a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.