Be an early applicantLess than 25 applicants

Company

Southern California Edison (SCE) · 18 hours ago

Senior IS Security Advisor

United States

Full-time

Remote

Senior Level, Lead/Staff

$147K/yr - $220K/yr

10+ years exp

Maximize your interview chances

Communications InfrastructureElectrical Distribution

Comp. & Benefits

No H1B

Insider Connection @Southern California Edison (SCE)

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Deploys, monitors, and oversees the information security program across the organization

Monitors the implementation of risk priorities owned by distributed IT directors and IT delivery teams

Supports and reports on regional information security incidents in collaboration with the security operations center, the privacy function, and the regional executive teams

Manages, plans, and coordinates cyber resiliency exercises in collaboration with relevant parties

Assesses and evaluates risk and control position against cyber risk management framework

Delivers expertise and advisory support for security audits impacting assigned zones

Maintains and reviews regional key performance indicators (KPIs), reporting on issues and risks to the global security operations center and any concerned business leaders

Partners with third-party cyber risk management program to oversee and monitor business management of information security risks of third-party relationships

Follows emerging vulnerabilities, and threats and ensures executive leadership are aware and regularly updated on external cyber threat landscape

Engages with a broad range of internal and external stakeholders to support the security strategy delivery, and implementation of global Information security program

A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information SecurityCybersecurityNERC CIP standardsRegulatory complianceVulnerability managementGovernance processesCISA certificationCISM certificationCISSP certificationSoftware development life cycleProject managementProcess DesignCOBITITILISONISTElectric utility industry

Required

Ten or more years of experience in information technology, information security and/or cybersecurity.

Preferred

Ten or more years of experience with regulatory standards, or information security frameworks.

Three or more years of experience and proven track record with NERC Critical Infrastructure Protection standards.

Three or more years of experience in developing or implementing policies, standards, and governance processes.

Three or more years of project management experience.

Bachelor’s degree or higher in Computer Science, Information Systems, Engineering, or related technical major

Certifications in project management, process design, or have a degree in a technical major.

Certifications in Information Security, including: CISA, CISM or CISSP.

Experience evaluating the design and effectiveness of common controls based upon industry standard methodology models (e.g., COBIT, ITIL, ISO, NIST) in accordance with compliance requirements.

Experience with Process Design (Workflow, Visio, documentation, templates).

Five or more years of experience in software development life cycle.

Three or more years of experience in the electric utility industry, with focus on NERC, FERC, NIST, CSF.