Join the Clean Energy Revolution
Become a Cybersecurity Risk Specialist at Southern California Edison (SCE) and build a better tomorrow. In this job, you’ll perform complex cyber technical analysis for new and existing technologies, vendors, and hardware to identify and mitigate cybersecurity risk to SCE systems. Utilize cutting edge cyber technology in making secure design recommendations and identifying threats, and vulnerabilities with technology implementations, and current production systems. Collaborate with other cybersecurity teams such as cyber incident response, tools and technologies, and engineering to help make risk-based decisions to mitigate cybersecurity risk across SCE. Collaborate with other team members on current vulnerabilities, and threat actor’s tactics, techniques, and procedures. Participation in cyber risk hunting activities will allow proactive identification of existing risks.
As a Cybersecurity Risk Specialist, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?
A day in the life – Get ready to think big, work smart and shine bright!
- Conduct cybersecurity risk assessments on vendors to identify security deficiencies of the vendors security posture utilizing passive traffic analysis techniques with commercially available technology and open source tools.
- Utilize Open Source Intelligence (OSINT) platforms and threat intelligence software to understand potential threat of breach to vendor and historical security incidents to communicate basic recommendations of compensating controls. Determines deviations from standards, policies, or contractual terms and conditions.
- Apply specialized cybersecurity expertise and industry best practice methodology to determine the impact of a realized incident to the organizations data/infrastructure of the identified vulnerabilities and develops and/or recommends appropriate mitigation countermeasures to remediate or mitigate risk to the organization.
- Conduct cybersecurity penetration testing to perform complex technical analysis on vendor’s software and hardware by configuring commercially available and open source technology to identify insecure configuration settings and software vulnerabilities to recommend the most efficient implementation techniques and tools for solutions to address system deficiencies or consider alternative system planning and design.
- Review Third Party Audit Documentation, Penetration Testing Reports, and Security Certifications for Equipment and Secure Code Design to understand and communicate potential risk to the organization. Determines deviations from standards, policies, or contractual terms.