Southern California Edison Cybersecurity Threat Hunting Senior Specialist [HYBRID] in Rosemead, California

Job Description

Join the Clean Energy Revolution

Become a Cyber Security Threat Hunting Senior Specialist at Southern California Edison (SCE) and build a better, more sustainable tomorrow.

The Cyber Security Threat Hunting Senior Specialist is part of the Cybersecurity Analysis Intelligence and Response IT organization. This position is primarily responsible for threat hunting, which includes proactively searching through networks, endpoints and databases for security vulnerabilities. This position utilizes expertise in Critical Infrastructure Protection and Communications standards, in-depth analysis of high-level technical risk and the associated Cybersecurity management controls.

Additionally, the work performed by this position applies a strong knowledge of risk management, risk identification and recommendations for remediation, internal control architecture, and regulatory and legal requirements, as well as experience in developing Indicators of Compromise and detection signatures, effectively working with team members, developing leading-edge automated controls monitoring solutions, reporting status, and recommending control improvements to Senior Management. The specialist works closely with various organizations to keep their computer information systems secure, using a multi-layered approach and specialized, up-to-date knowledge to help protect against Web threats that facilitate cybercrime, including malware, phishing, viruses, denial-of-service attacks, information warfare and hacking.

A day in the life - Get ready to think big, work smart and shine bright!

  • Develop, maintain, and socialize both group-specific and enterprise cybersecurity policies and standards.

  • Identify and track threat actor groups and their techniques, tools, and procedures (TTP) while maintaining current knowledge of tools and best practices of Advanced Persistent Threats (APT).

  • Participate in Hunt missions using threat intelligence, analysis of anomalous log data, and results of brainstorming sessions to detect and eradicate threats

  • Experience using large data sets to conduct research, discover relationships and correlate threat data from various sources including PassiveTotal, open-source repositories, threat intelligence, and malware repositories

  • Use the MITRE ATT&CK framework to analyze malicious campaigns and evaluate the effectiveness of security technologies

  • Provide expert analytic investigative support for critical security incidents

  • Create security techniques and automation for internal use that enable the team to operate at high speed and broad scale

  • Work with our Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise

  • Capable and comfortable communicating information to both technical and executive-level stakeholders

  • Have a deep understanding of the threat landscape and are experienced in applying that knowledge to identify trends to anticipate shifts in TTPs and to create detections

  • Can demonstrate experience in conventional network/host-based intrusion analysis, digital forensics or handling malware

  • Comfortable assessing cyber threat intelligence, open source intelligence or partner reporting

  • Real-world, hands-on experience dealing with sophisticated malware and dynamic cyber threat actors

  • Experience in a security operations center or similar environment tracking threat actors and responding to incidents

  • Must be able to work in a dynamic, fast-paced and challenging role

  • Have knowledge of different operating system platforms (Windows, Unix, Mac)

  • Contribute to the continuous improvement and growth of the SOC (Security Operation Center), Incident Response tools/technologies, processes and procedures.

  • Network penetration testing and manipulation of network infrastructure

  • Developing, extending, or modifying exploits, shellcode or exploit tools

  • Reverse engineering malware, data obfuscators, or ciphers

  • Source code review for control flow and security flaws

  • Create and analyze assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

  • Develop tools and scripts to automate and improve current pentesting processes

  • Identifies enterprise-level cybersecurity threats and risks with teams monitoring operational tools in order to reduce risks and vulnerabilities to enterprise

Qualifications

The essentials

  • 5 years of experience in the field of Cybersecurity.

  • Threat hunting missions using threat intelligence, analysis of anomalous log data, and results of brainstorming sessions to detect and eradicate threats.

The preferred

  • TS/SCI clearance

  • Bachelor's degree in a specialized field or an equivalent combination of education, training, and experience.

  • Have the ability to hold a Secret clearance.

  • Experience with integrating NIST 800-82 control systems standards into existing Cybersecurity standards.

  • Possess one or more of the following Information Security certifications: CISSP, GSEC, CRISC, GREM, GNFA, CCNA or other related certifications.

You should know

  • Work Mode: This position’s work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to reside in the state of California. Further details of this work mode will be discussed at the interview stage.

  • Must be a U.S. Citizen

Relocation

  • Relocation may apply for this position.

Testing

  • This position requires testing, and applicants who are identified to continue through the selection process will be invited to test via email. Please access our Information Guides (https://www.edison.com/home/careers/guides-for-pre-employment-tests.html) to reference test(s): Edison Individual Contributor Workstyles (Test 8203). Candidates who have previously passed these assessment(s) may, in some cases, not need to retest for this position.

NERC/CIP

  • This position has been identified as a NERC/CIP impacted position. Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining unescorted access to the assigned work location and performing necessary job duties.

About Southern California Edison

The people at SCE don't just keep the lights on. Our mission is so much bigger. We’re fueling the kind of innovation that’s changing an entire industry, and quite possibly the planet. Join us and create a future with cleaner energy, while providing our customers with the safety and reliability they demand. At SCE, you’ll have a chance to grow personally and professionally, making a real impact in Southern California and around the world.

At SCE, we celebrate our differences. We are a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.

We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at (833) 343-0727.
