Vacancy expired!
- 5 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience
- Experience in IT-Information Technology security, multi-platform, or related
- Experience in Operational Technology security
- Microsoft Office, Remedy, SharePoint, Security tools
- Able to follow Safety First principles
- Results driven and customer focused
- Attention to work quality and research driven.
- Effective communication to peers and clients.
- Able to balance workload and priorities
- Able to balance the priorities of the business and maintain/stay customer focused
- Multi-Platform knowledge (UNIX/LINUX, Windows Servers/Desktops, Cisco hardware, etc.)
- Ability to influence and lead behavior change Competency in making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems
- Competency in making good and timely decisions that keep the organization moving forward
- Competency in developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
- Competency in building partnerships and working collaboratively with others to meet shared objectives
- Ability to energizes coworkers to maintain a positive attitude towards the team and the business directions
- Strong analytical, critical thinking and decision-making skills
- Ability to lead and manage cross-functional compliance projects and initiatives
- Ability to guide and direct junior team members
- Minimum Certification: ComITIA Security +, SANS, Cisco, GIAC, Microsoft Security, or equivalent Certificates
- Desired Certification: Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
- Advanced knowledge of Cyber/information security management policies, procedures, regulations and governance processes, Information Systems/Network Security, System Security Analysis, Information Assurance Compliance
- Advanced knowledge of Risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems
- Advance working knowledge of applicable and accepted security standards and framework (NIST, ISO, etc.).
- Advance knowledge of information security laws, concepts, strategies, computer networking, and cyber security - including topologies, protocol as needed to perform at the job level
- Advanced knowledge and understanding of regulatory and compliance requirements such as SOX, NERC CIP, CCPA, HIPPA, NRC, etc.
- Lead project and vendor engagements and technology assessments to understand capabilities of required systems or networks
- Identify and recommend cyber strategies for technology development based on stakeholder requirements
- Own and document the implementation of the security controls and creates auditable evidence of security measures
- Develop and recommend security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
- Translate security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
- Document and manage Cybersecurity process, procedures, policies, control documentation, etc.
- Develop effective metrics to track, report on and improve overall department performance.
- Assist in the development and implementation of guidelines and process documentation.
- Assist with the implementation of process improvements and efficiencies.
- Support relationships with business units.
- Assist in designing control risk mitigation plans and support business implementation.
- Monitor the IT regulatory landscape for emerging regulations and assesses impacts to PG&E control framework and risk strategy.
- Assist in the development and implementation of guidelines and process documentation.
- Provide guidance on the identification, documentation and testing of key controls for assigned complex business processes.
- Assist in the design of technology solutions supporting business requirements on projects.
- Assist in security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
- Assist in the implementation of process improvements and efficiencies
- Establish and implement strategic communication and messaging plans and ensures alignment and consistency with branding principles, strategies, and guidelines.
- Develop consulting practice documentation, identifies and recommends process improvement, and provides guidance to other team members
- Design of technology solutions supporting business requirements on projects.
- Drive security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
- Actively engage with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology projects
- Actively recommend engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cyber security risks
- Lead implementation of process improvements and efficiencies.
- Provide peer review and support for organizational deliverables
- Facilitate / coordinate Cybersecurity activities associated with 3rd party and vendor work efforts
Vacancy expired!