Cybersecurity Cloud Security Advisor

Hiring Manager: Christopher Warren Fiorille

Job Abbreviation: CYB900_P4_E

Pay Grade: CDPENT-16

Pay Range: $146,700.00 -$220,100.00

Join the Clean Energy Revolution

Become a Cybersecurity Cloud Security Advisor at Southern California Edison (SCE) and build a better tomorrow. In this job, you will be responsible for the evaluation and management of cloud Cybersecurity technologies. You will validate and ensure secure configuration of SCE's cloud computing and other technology infrastructure environments ensuring Cybersecurity solutions are integrated within multiple cloud & hybrid cloud environments. Your expertise will be critical to ensure Cloud Security Posture Management, API security, container security and many more SCE Enterprise and Grid modernization efforts are successful.

• Design, implement and operate advanced cloud security solutions.
• Provide deep technical cybersecurity domain expertise with respect to cloud security posture management, threat detection and remediation, and Implementation of continuous monitoring.
• Improve the posture of cloud infrastructure designs and align them with strategic objectives and best practices.
• Develop cloud capabilities and evaluate innovative approaches to cloud security enhancements and processes.
• Great communication skills are essential for this role, as you will be responsible for documenting security procedures, presenting findings to both technical and non-technical audiences, and collaborating with cross-functional teams.
• Have a systems thinking approach to understand the interconnectedness of various systems, processes, and technologies, enabling you to identify potential security risks and implement comprehensive solutions that address underlying systemic issues, rather than just fixing the symptoms.
• Work closely with cross-functional teams to identify areas for improvement, implement security best practices, and facilitate continuous improvement initiatives that enhance the organization's security posture.
• Mentor and provide guidance to junior security engineers, fostering a collaborative learning environment and promoting the development of their technical and soft skills.
• Lean into DevOps methodologies to champion a culture of collaboration, automation, and continuous improvement by being adaptive and iterative, collaborating with cross-functional teams to ensure that security is integrated into the development process, and continuously delivering secure and compliant solutions in a timely manner.

• Manages cyber security project delivery by ensuring the cyber security team delivers on success criteria
• Delivers project reporting for assigned projects, conducts critical analysis of project status, potential risks, and continual process improvement
• Coordinates and performs appropriate maintenance to ensure reliable and secure performance of the security systems, including applying security patches, implementing version upgrades, modifying, and improving services and performing ongoing operational management tasks
• Contributes to an overall cyber security governance strategy, standards, and operational procedures
• Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes
• Prepares and updates Plan of Actions & Milestones (POA&M) that identify security weaknesses and establishes milestones and compensates controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation
• Oversees the production of evidence to support internal and external audits
• Provides Cyber Security and risk assessments for new networks, services and devices as the need arises
• Drives periodic monitoring of audit logs in accordance with requirements, and reports findings and concerns for further analysis and action, inclusive of breach notification and initiation of incident response, in accordance with protocols and procedures
• Delivers programs and processes to reduce information security risk and strengthen SCE's security posture
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

• Seven or more years of experience in information technology, information security and/or cybersecurity.
• US Citizenship Required.

• Bachelor's degree or higher Information Security, Computer Science, Information Systems, Technology, Engineering or related specialized field.
• Professional design and implementation experience in Cloud Infrastructure in enterprise scale networks.
• Experience in a technical Cybersecurity discipline.
• Possess one or more of the following Information Security certifications: CISSP, GSEC, CRISC, CCSK, Certified Information Security Manager (CISM), GWEB, GCTD, GCFR, GCPN, or similar professional certifications.
• Possess one or more Cloud provider certifications OR Certifications related to Cloud Providers and services: Microsoft Azure Certifications, Google Cloud Certifications, Amazon Web Services Certifications, GCSA, GPCS or similar professional certifications.
• Ability to develop communication materials and facilitate decision-making conversations with executive/ senior leadership teams.
• Experience in DevOps and Agile methodologies
• Experience with Development tooling: CI/CD pipelines, Git, Ticketing systems
• Solid understanding of threat modeling
• Strong understanding of basic communications protocols and networking
• Experience and working knowledge of containers and container platforms
• Superb communication and collaboration skills, with the ability to work effectively with multi-functional teams.
• Strong analytical and problem-solving abilities, with a keen attention to detail.

• This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.\u202f Unless otherwise noted, employees are required to work and reside in the state of California.\u202f Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.
• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!
• Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

• The primary work location for this position is Rosemead, CA. However, the successful candidate may also be asked to work for a period out in the field throughout the SCE service territory.

• Position will require up to 5-10% traveling between alternate SCE location sites.

• This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.

• Relocation may apply to this position.