Get Into Energy Jobs

Job Information

Southern California Edison Cybersecurity Specialist in Rosemead, California

Job Description

Join the Clean Energy Revolution

Become a Cybersecurity Specialist at Southern California Edison (SCE) and build a better tomorrow. In this job, you’ll perform complex technical analysis for new and existing technologies, vendors, and hardware. You will utilize cutting edge cyber technology in making secure design recommendations and identifying threats, and vulnerabilities with technology implementations, and current production systems. Collaboration with other cybersecurity teams such as incident response and engineering to help make risk-based decisions to increase the cybersecurity risk posture of the Enterprise. You will collaborate with other team members on current vulnerabilities, and threat actor’s tactics, techniques, and procedures. Your participation in risk hunting activities will allow proactive identification of existing risks. Your contributions will directly protect critical infrastructure and the strategy to protect it.

As a Cybersecurity Specialist , your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?

A day in the life - Get ready to think big, work smart and shine bright!

  • Conduct cybersecurity risk assessments on vendors to identify security deficiencies of the vendors security posture utilizing passive traffic analysis techniques with commercially available technology and open source tools. Utilize Open Source Intelligence (OSINT) platforms and threat intelligence software to understand potential threat of breach to vendor and historical security incidents to communicate basic recommendations of compensating controls. Determines deviations from standards, policies, or contractual terms and conditions. Applies industry best practice methodology to determine the impact of a realized incident to the organizations data/infrastructure of the identified vulnerabilities and develops and/or recommends appropriate mitigation countermeasures to remediate or mitigate risk to the organization.

  • Conduct cybersecurity penetration testing to perform complex technical analysis on vendor’s software and hardware by configuring commercially available and open source technology to identify insecure configuration settings and software vulnerabilities to recommend the most efficient implementation techniques and tools for solutions to address system deficiencies or consider alternative system planning and design. Reviews Third Party Audit Documentation, Penetration Testing Reports, and Security Certifications for Equipment and Secure Code Design to understand and communicate potential risk to the organization. Determines deviations from standards, policies, or contractual terms and conditions. Applies industry best practice methodology to determine the impact of a realized incident to the organizations data/infrastructure of the identified vulnerabilities and develops and/or recommends appropriate mitigation countermeasures to remediate or mitigate risk to the organization.

  • Conduct cybersecurity risk assessments on Cybersecurity Exception requests which deviate from Cybersecurity Policy, Standards, or Contractual Terms and Conditions by utilizing the appropriate commercially available or open source technology for information gathering purposes to apply industry best practice methodology to determine the impact of a realized incident to the organizations data/infrastructure of the identified vulnerabilities and develops and/or recommends appropriate mitigation countermeasures to remediate or mitigate risk to the organization.

  • Conduct cybersecurity risk hunting use cases to identify vulnerabilities, insecure configurations, and insecure business practices within the production environment or with critical data utilizing commercially available and open source technology. Analyze and assess discovered vulnerabilities in the infrastructure (software, hardware, networks), to recommend available tools and countermeasures to remediate or mitigate risk. Techniques used during risk hunting activities will align with current industry hacking trends, and threat intelligence reports from relevant advanced persistent threat actors tactics, techniques, and procedures to the utility sector.

Qualifications

The essentials

  • 3 or more years’ experience in Cybersecurity and/or IT.

The preferred

  • Bachelor’s degree in information security, cyber security, or related field

  • Active CEH, GSEC, OWASP, CISSP, or similar certifications, or able to obtain

  • Experience with risk assessments and/or penetration testing using open source or commercially available technology

You should know

  • When a return-to-office date has been determined, this position’s work mode is hybrid . The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to reside in the state of California. Further details of this work mode will be discussed at the interview stage.

  • Visit our Candidate Resource page (https://www.edisoncareers.com/page/show/Candidate-Resources) to get meaningful information related to benefits, perks, resources, testing information, and hiring process, and more!

  • This position requires testing and applicants who are identified to continue through the selection process will be invited to test via email. We invite you to visit our Candidate Resource page for further information and to access information guides. For Information Guides (https://www.edison.com/home/careers/guides-for-pre-employment-tests.html) , please reference test 8203- Edison Individual Contributor Workstyles. Candidates who have previously passed these assessment(s), in some cases, may not need to retest again for this position.

  • US Citizenship required as part of Critical Infrastructure security protocols.

  • This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.

  • Relocation may apply to this positon

About Southern California Edison

The people at SCE don't just keep the lights on. Our mission is so much bigger. We’re fueling the kind of innovation that’s changing an entire industry, and quite possibly the planet. Join us and create a future with cleaner energy, while providing our customers with the safety and reliability they demand. At SCE, you’ll have a chance to grow personally and professionally, making a real impact in Southern California and around the world.

At SCE, we celebrate our differences. We are a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.

We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at (833) 343-0727. #L1-KH1

DirectEmployers