Job Location: Oakland
Department Overview
The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. Working together with IT, we review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks.
The Cybersecurity team takes an initiative-taking approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesize current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources. Position Summary
We are seeking an innovative individual for the Third-Party Security Team. The successful candidate will join a team of Cyber Security analysts to address the increasing cyber risks in supply chain with the focus on meeting third party security requirements. As Senior Solution Analyst, the professional will demonstrate technical and analytical expertise in Third Party risk assessments, remediations, tool improvements, audit of security/privacy controls, and apply sound judgement to security and compliance in the ever-expanding cyber landscape. The Senior Solution Analyst builds and manages relationships with Business Unit partners to understand business requirements, issues resolution, and sustained overall customer satisfaction.
The role is classified as hybrid, working primarily from your remote office with occasional visits to the Oakland General Office, San Ramon or Sacramento offices as business needs require.
PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed between the entry point and the middle of the range, the decision will be made on a case-by-case basis related to these factors. This job is also eligible to participate in PG&E’s discretionary incentive compensation programs. A reasonable salary range is:
Bay Area Minimum: $109,000
Bay Area Maximum: $175,000
Job Responsibilities
Establish and implement strategic communication and messaging plans and ensures alignment and consistency with PG&E branding principles, strategies, and guidelines.
Develop consulting practice documentation, identifies, and recommends process improvement, and provides guidance to other team members.
Design of technology solutions supporting business requirements on projects.
Drive security reviews, identifies gaps in security architecture and designs and recommends vital security controls to be integrated within the development lifecycle.
Actively engage with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology.
projects
Actively recommend engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cyber security risks.
Lead implementation of process improvements and efficiencies
Provide peer review and support for organizational work.
Facilitate / coordinate Cybersecurity activities associated with third party and vendor work efforts. What You Will Get
The opportunity to contribute to a best-in-class security organization for the country’s largest combined gas and electric utility.
Substantial management support for your development and your day-to-day success
Autonomy to make decisions in a rapidly growing team.
Best in class perks and benefits
Qualifications
Minimum:
Bachelor’s degree in computer science or related field, or equivalent work experience
3 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience
CompTIA Security+, SANS, Cisco, GIAC, Microsoft Security, or equivalent certificates or ability to obtain within 12 months. Desired:
Utility industry experience
Experience in IT-Information Technology security, multi-platform, or related
Experience in Operational Technology security