Security & Compliance, Advisor

Southern California Edison, Alhambra, CA
99d, Hybrid

About The Position

Join the Clean Energy Revolution. Become a Security & Compliance, Advisor at Southern California Edison (SCE) and build a better tomorrow.

In this job, you'll lead and manage Security and Compliance for high-impact Information Technology (IT)/Operational Technology (OT) programs and projects, determining and leading strategic methods to meet company initiatives. The Security & Compliance Advisor leads business requirements, performs gap analysis, and identifies strategies for controls and risk mitigation. Identifies significant regulatory challenges and commercial opportunities for the current and future regulatory environments. Advises and counsels on new consumer products and product structures, and on compliance with changing regulatory rules and a varying political environment. This position contributes to and leads complex aspects of NERC CIP and other Grid compliance and security reporting requirements. Work is generally independent and collaborative in nature. Provides guidance to cross-functional organizations on considering preventative measures on corrective action responses.

The Security & Compliance, Advisor of NERC CIP Compliance resides in the Grid Services department within Southern California Edison's (SCE) Information Technology department. Assists and advises on NERC CIP standards along with the Program Manager. The Program Advisor ensures efficiency in the operations and manages compliance. He/She leads and manages the overall program deliverables, provides direction and guidance to other personnel working within the program, and provides updates to leadership and stakeholders. The Program Advisor ensures day-to-day compliance with the NERC standards as applicable. Will be working with other Organization Units such as T&D, Corp. Security, Generation, Energy Procurement, and Ethics and Compliance.

As a Security & Compliance, Advisor, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?

Requirements

  • Seven or more years of experience in information technology, information security and/or cybersecurity.

Nice To Haves

  • Bachelor's Degree in Engineering, Business, Information Technology, JD, or related field.
  • Five or more years of experience implementing and managing common control frameworks aligned with industry best practices such as COBIT, ITIL, ISO, NIST, and CSF, in support of compliance and security requirements.
  • Five or more years of experience leading projects/programs.
  • Intermediate knowledge of electric utility operations.
  • CISA/CISSP/CISM or any Governance certification.

Responsibilities

  • Reviews system logs and real time alerts for infrastructure to identify trends, investigate abnormalities, and report exceptions to the information security program
  • Monitors the IT related accepted risks for adding, updating, and removing accepted risks based on changes in technology and vulnerabilities
  • Monitors the configuration of company-wide applications to verify they meet the standards required by the information security program
  • Updates the information security program and corresponding cybersecurity policies, procedures, and controls annually based on regulatory changes, feedback from the information security committee, and the results of audits and assessments
  • Researches, implements, and maintains an information security framework through ongoing compliance monitoring of the framework
  • Completes the preparation of risk assessments that are performed for new critical technologies, applications, or devices that are implemented, revised, and installed
  • Monitors that security risk management practices are embedded into key business processes, and enables security risk reduction by working collaboratively with business partners and security programs to identify, prioritize, and mitigate security risks
  • Fulfills security goals, scenarios, and selects cases to develop acceptable parameters of security risks or guardrails
  • Recommends changes to processes, software, systems, and platforms based upon security risk
  • Coordinates enterprise security policies and communications, gathers business participants input, implements changes to policies, and advises the business on policy changes
  • Supports, installs and maintains security tools and systems, and tracks security patches and incidents