Cybersecurity Solution Analyst, Senior

The Cybersecurity Risk & Strategy team focuses on identifying risks, helping partners reduce or mitigate risks, developing initiatives to protect PG&E from cyber-attacks, and engaging with other groups to continually improve PG&E’s security posture. As part of the Risk & Strategy Cybersecurity Consulting team, you will concentrate on PG&E efforts related to evaluating cybersecurity projects across the enterprise.

You will engage with project teams, and collaborate with other parts of the Cybersecurity group, Information Technology partners, and experts in the lines of business to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action. You will contribute to strategically manage risk and proactively adapt to evolving threats and business needs. Performing risk assessments, evaluating and assigning security controls, assisting with the development, design, and implementation of security architectures, project security support, and technical experience are all important skill sets for this position.

  • Leads project engagements and technology assessments to understand capabilities of required systems or networks
  • Identifies and recommends cyber strategies for technology development based on stakeholder requirements
  • Drives security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
  • Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
  • Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
  • Actively recommends engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cyber security risks
  • Provides peer review and support for organizational deliverables

Qualifications

Minimum Education Level: Bachelor's

Minimum:

  • B.S. degree in Computer Science, Information Systems or other related field, or equivalent year work experience
  • Minimum of 3 years of experience in IT, critical infrastructure, intelligence, and/or cybersecurity information security

Desired:

  • Master’s Degree in Computer Science or job-related discipline or equivalent experience
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
  • Knowledge of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
  • Understanding of computer networking concepts and protocols, and network security methodologies
  • Understanding and ability to apply cloud security concepts, including experience with public cloud (e.g. AWS, Microsoft Azure, etc.)
  • Demonstrated problem analysis and decision-making skills
  • Ability to communicate and convey complex IT/OT technical security related concepts to business and technology teams
  • Ability to influence and work with and across all levels within the business
Posted: November 12, 2018
<< Back to Job-Board