Engineer I through Engineer Lead - Digital Grid Managment / Security Operations Center

About The Position

Requirements

• 2+ years of cybersecurity or information technology experience is required for Engineer I.
• 3–4+ years of cybersecurity or information technology experience is required for Engineer II.
• 2+ years of cybersecurity systems support experience is required for Engineer II.
• 5–7+ years of cybersecurity or information technology experience is required for Engineer Lead.
• 4+ years of cybersecurity systems support experience is required for Engineer Lead.
• 2+ years of cybersecurity monitoring experience is required for Engineer Lead.
• Ability to obtain or complete certifications in industry‑specific and technical fields, such as North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), Computing Technology Industry Association (CompTIA) Security+, International Information System Security Certification Consortium ((ISC)²) Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH).
• Technical understanding of network concepts, protocols, services, and operating systems.
• Proven analytical, problem‑solving, and research skills with the ability to defend analysis.
• Advanced verbal and written communication skills.
• Ability to work in an open and collaborative environment.
• Strong technical understanding of: Network concepts, protocols, services, and operating systems; Security Information and Event Management (SIEM) systems; Email security systems; Intrusion Prevention Systems (IPS); Web security systems; Application control systems; Endpoint Detection and Response (EDR) systems; Security Orchestration, Automation, and Response (SOAR) systems; Anomaly detection systems; Windows Server and Red Hat Linux environments; Python, Regular Expressions (RegEx), and Structured Query Language (SQL); Amazon Web Services (AWS) cloud security; Microsoft Azure cloud security; Containerization technologies (e.g., Docker, Kubernetes) and orchestration tools; Vulnerabilities and exploitation methods used by attackers.
• Completion of certifications in industry‑specific and technical fields, such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Cisco Certified Network Associate (CCNA).
• Strong technical understanding of vulnerabilities and how attackers exploit them.

Nice To Haves

• 2+ years of experience in cybersecurity monitoring using security tools is encouraged to apply for Engineer I.
• 2+ years of cybersecurity monitoring experience using security tools is encouraged to apply for Engineer II.
• Bachelor’s degree in Engineering, Information Technology, Computer Science, Cybersecurity, or another related field is encouraged to apply.
• Bachelor’s degree in Engineering, Information Technology, Computer Science, Cybersecurity, or another related field is encouraged to apply for Engineer Lead.

Responsibilities

• Supports and acts as a subject matter expert for existing security technologies by administering, integrating, maintaining, and troubleshooting systems to ensure a strong security posture.
• Supports onboarding of new security technologies by working with project and vendor teams to ensure production system readiness from both operational and technical perspectives.
• Identifies information gaps that may reveal potential short‑ and long‑term threats and recommends security enhancements to management or senior Technology staff.
• Implements developed use cases to improve overall Security Operations Center (SOC) threat detection capabilities.
• Produces and reviews reports and presentations for management, including security recommendations on technology security vulnerabilities, existing controls, and future direction.
• Provides incident management support and ensures incidents are minimized through design, tools, and processes.
• Serves as an escalation point for security analysts and assists in problem‑solving by providing cybersecurity expertise and knowledge of the corporate technology environment.
• Establishes and maintains relationships with various Oncor workgroups, as well as internal and external stakeholders, for risk and issue management.
• Ensures leadership is informed of technical and regulatory changes in the security landscape.
• Acts as a change agent to drive and adapt to organizational changes.
• Demonstrates strong interpersonal skills, a positive attitude, and the ability to thrive in a fast‑paced environment.
• Self‑motivated and results‑oriented with a passion for delivering above‑average performance in a proactive manner.
• Performs all essential job functions and any other specific job requirements as assigned.
• Implements and manages security infrastructure to ensure secure deployment and operation of applications both within and outside of the SOC.
• Integrates diverse technologies across multiple environments to provide monitoring, alerting, and reporting.
• Develops use cases for existing and future security technologies to enhance SOC detection capabilities.
• Develops and maintains security‑related documentation, including procedures, guidelines, and best‑practice posture.
• Assesses and enhances system security, identifying and mitigating risks.
• Supports existing security technologies by working with SOC and vendor teams to ensure production systems are operational from a technical perspective.
• Responsible for onboarding new security technologies by working with project and vendor teams to ensure production system readiness.
• Develops and improves automation for repetitive SOC tasks.
• Supports cybersecurity investigations Cyber Security Incident Response Plan (CSIRP) and provides recommendations to management.
• Performs technical reviews of documentation to ensure computer security integration and compliance with regulations, including North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), Sarbanes‑Oxley Act (SOX), and International Organization for Standardization (ISO) standards.
• Provides direct oversight of the following directives within the Digital Grid Management Security team: Change Management, Use Case Development, Automation Development.
• Supports development of SOC Engineering staff into subject matter experts by educating them in administering, integrating, maintaining, and troubleshooting systems.
• Reviews and updates a detailed product roadmap of current and future SOC technologies.
• Reviews and finalizes weekly, monthly, quarterly, and annual reports and presentations for management, including security recommendations and technology vulnerability assessments.
• Evaluates and recommends new security technologies that enhance SOC capabilities.
• Serves as a “360‑degree thinking” tollgate to ensure One Technology orchestration and alignment prior to rollout of significant technology changes.
• Effectively communicates and navigates disruptions that may arise with technology delivery, protection, and operations.
• Oversees assigned SOC operations and guides transformation, change, and continuous improvement efforts to support business outcomes.
• Continuously develops training and progression plans for SOC Engineering staff.

Benefits

• Annual incentive program.
• Competitive health and welfare benefits (medical, dental, vision, life insurance)
• Ability to earn wellness incentives (up to $2,300 in 2026 as an Employee only) and other wellbeing resources.
• 401k with dollar-for-dollar company match up to 6%.
• 401k match with student debt program.
• Cash balance pension plan.
• Adoption Assistance.
• Mental health resources.
• Employee resource groups.
• Tuition reimbursement.
• Competitive vacation, 10 company holidays and 2 personal holidays.
• Paid parental leave.
• Salary continuation for up to 6 months for approved employee illness or injury.
• Other perks such as commuter benefits, electric vehicle incentive program, appliance purchase plan.