Join the Clean Energy Revolution

Are you passionate about protecting critical and confidential data from unauthorized access, use, or disclosure? Do you have the skills and experience to develop and implement information protection standards and controls that ensure data security, privacy, and compliance? If so, we invite you to apply to b ecome a Senior Advisor, Information Protection at Southern California Edison (SCE) and build a better tomorrow.

You will be a SME and a leader in the Enterprise Information Governance team, responsible for developing, implementing, and sustaining information protection standards and controls for SCE in areas of Data Classification, Data Sharing, Data Retention, Data Protection, Data Obfuscation, Data Minimization, and other Data Management disciplines. You will collaborate with various data teams across SCE, representing Enterprise Information Governance, and work with Business Unit collaborators such as Legal, Enterprise Risk Management, Supply Chain, IT architects, Cybersecurity, and OU leadership.

• Compliance: Manage operations for SCE's Information Protection Program to ensure NERC CIP compliance including, Program Procedures, Consultations, and annual spot checks for compliance
• Information Protection Standards: Understand business needs and build information protection standards and controls to safeguard critical and confidential data, comply with regulatory requirements, and reduce data related risks including data classification, data loss prevention, encryption, data obfuscation, anonymization, data minimization, and other data protection techniques.
• Subject Manager Expert: Provide domain expertise for 3rd party data sharing controls and management
• Controls: Actively interpret and implement standards and controls. Measure and report performance of enterprise information protection standards and controls to various Sr. Leadership forums.
• Liasion : Actively benchmark with SCE peers and other industry leading standard bodies and vendor partners to continuously improve Information Governance controls.
• Strategic Planning: Based on emerging business risks provide inputs where applicable to strategic longer-term data plans and roadmap.
• Collaboration: Partner with large prioritized programs, initiatives, operating units, and enterprise partners, to adapt and implement information protection standards and controls (e.g., data sharing agreements, data retention policies, data protection solutions).

• Oversees customer fraud prevention activities, mitigates privacy incidents and misuse of customer information
• Develops and reviews information governance policies, standards, presentations, communications and trainings
• Develops materials for internal and external audits, external assessments and regulatory reporting for the management of company information
• Oversees and ensures projects align to information governance policies and standards
• Contributes to product assessments for emerging technology platforms and new service offerings
• Provides complex input to strategic business initiatives within the information governance practice
• Leads the coordination of data quality remediation plans where data fails to meet established Information Governance standards
• Participates in the development, implementation, and maintenance of a Information Governance process framework that integrates with guidance, policies and processes
• Participates in business continuity policy development and process mapping
• Leads efforts to ensure the ongoing support and compliance of the corporate records and information management function and the Data Privacy program
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

• Ten or more years of experience with information governance and data management practices and processes.

• Five (5) or more years of experience in information protection including DLP, data classification, data sharing, data retention, data protection, data obfuscation, data anonymization, data minimization, and other data management disciplines.
• Experience in design, development, and implementation of compliance programs, preferably NERC CIP.
• Experience with procurement / 3rd party data sharing, management, and retention
• Ability to work with cross functional teams including Legal, Enterprise Risk, Business Resiliency, Incident Management, and Cybersecurity.
• Bachelors or Masters degree in Computer Science or equivalent.
• One or more of related certifications, such as:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Systems Auditor (CISA)

• This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.\u202f Unless otherwise noted, employees are required to reside in the state of California.\u202f Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.
• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!

• This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.
• Relocation does not apply to this position.