Join the Clean Energy Revolution

Become a\u202f Cyber Threat Senior Specialist\u202f atSouthern California Edison (SCE) and build a better tomorrow. In this job, you'll play a pivotal role in safeguarding critical infrastructure by proactively identifying, analyzing, and mitigating potential cyber threats to grid systems. You'll utilize your technical cyber skills and collaborate with cross-functional teams to ensure the resilience and reliability of utility operations; this role will play a big part in minimizing the risk of disruptions and protecting essential services for communities.

Additionally, you'll be responsible for:

• Real-time Threat Monitoring: Conduct monitoring and analysis of security alerts and incidents generated by security tools\u202fto identify and promptly respond to potential threats.\u202f

• Incident Response: Participate in the investigation and remediation of cybersecurity incidents within the OT environment and collaborate with cross-functional teams to execute incident response plans.

• Security Information and Event Management (SIEM): Create, tune and curate existing and new security alerts related to grid environments, systems, and projects.\u202f

• Assisting with the development and implementation of detection rules for identifying anomalies and threats in the OT environment.

• Working as a liaison between IT/OT domains, the lines of business, and the Cybersecurity team to ensure full and complete operations of security controls and monitoring tools.

• Collaborating closely with cybersecurity counterparts to ensure a cohesive security posture across both IT and OT domains.

• Staying up to date on the latest OT cybersecurity trends, threat intelligence, and best practices.

• Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems
• Carries out project reporting for assigned projects, monitoring project status, timeline and budgets
• Assists in the planning and implementation of current and future security domains including those which may introduce new service areas
• Adopts and follows security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams
• Monitors technology risk, identifies root cause or key themes, recommends for resolution
• Investigates suspected attacks and manages security incidents. Uses forensics where appropriate
• Reviews and shapes the production of evidence to support internal and external audits
• Implements appropriate security measures for information systems and applications that control access to data, and prevents unauthorized modification, destruction, or disclosure of information
• Develops and maintains metrics, alerts, dashboards, and reports for security monitoring
• Maintains incident response plans and performs incident response activities as directed and in accordance with established procedures and guidelines and those of federal authorities
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

• Five or more years of experience in information technology, information security and/or cybersecurity.
• US Citizenship Required.

• Experience working with a SIEM platform (eg Splunk), developing detections and cyber monitoring use-cases.

• Bachelor's degree in related field.
• Experience supporting cyber defense analysis of Operational Technology (OT) Networks to include Industrial Control Systems (ICS), SCADA, and Process Control Networks (PCN).

• Strong knowledge of ICS/OT detection tools, as well as experience with network security solutions, including firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS).

• Experience working in a Security Operation Center or Incident Response team.
• Experience working in Threat Hunting roles and/or\u202fCyber Threat Intelligence functions.
• Security +, CISSP, GCIA, GCIH, GMON, GICSP, GRID, etc.\u202f

• This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.\u202f Unless otherwise noted, employees are required to reside in the state of California.\u202f Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!
• US Citizenship required as part of Critical Infrastructure security protocols.

• Relocation may apply to this position.