Cybersecurity Threat Intelligence Analyst

SoCalGas

  • Full time
  • 1 month ago
  • Monterey Park, CA
  • OnSite

Job Description

About Us

At SoCalGas, we believe that every Californian deserves a resilient energy future. We are working to achieve that future by empowering California to reach its sustainability goals through innovation, collaboration, and decarbonization. As our state's energy needs change, we will be there providing reliable energy that is clean, safe, and affordable to our 22 million customers.

In addition to helping shape the future of hydrogen technology and clean energy, as an employee of SoCalGas you'll also enjoy an aggressive total compensation plan, multiple upward mobility opportunities and the ability to find a true work-life balance. We also strive to reflect the communities we serve by attracting top talent and maintaining a diverse workforce. To discover more about how rewarding it is to work here, we invite you to visit these pages on our website: Our Mission; Diversity, Equity and Inclusion; Sustainability; In the Community; and Employee Benefits. Join SoCalGas today to share in our mission to build the cleanest, safest, and most innovative energy company in America!

Primary Purpose

The Senior Domain Engineer – Cybersecurity runs cybersecurity capabilities with emphasis on detecting, responding and preventing cybersecurity incidents within the organization. Assesses risk and identifies mitigations. As a specialist in security techniques, provides visibility across the enterprise technology landscape to identify, assess and recommend risk mitigation tasks. Handles complex long-term initiatives in area of expertise, collaborating with multiple teams and stakeholders to develop improved cybersecurity technology and processes with a focus on continuous improvement.

Duties & Responsibilities

  • Identifies and prioritizes enterprise level cybersecurity threats and risks with leadership, monitoring operational tools in order to reduce risks and vulnerabilities to the enterprise. Designs and evaluates related cybersecurity technology and technology tools according to delivery framework for business-critical functional areas, to remediate cybersecurity risk. Ensures cybersecurity presence throughout development life cycles, supporting product teams with operational oversight and cybersecurity engineering consulting. Leverages DevSecOps expertise to enhance continuous monitoring by integrating security practices with product teams. Creates processes and templates for cybersecurity related implementations, focused on risk mitigation. Creates and maintains appropriate documentation for cybersecurity initiatives.
  • Evaluates current state processes and drives selection of cybersecurity technology (systems, platforms, or networks) with an emphasis on automation to enable strategic capabilities. Analyzes new technology to identify and mitigate risks, leading efforts to define recommendations for security optimization. Proactively develops new security engineering capabilities that align with business needs, enterprise controls, and overall risk strategy. Develops procedures, processes and guidelines for implementing security controls, and technical assessments while co-creating with engineering and architecture teams for greater alignment. Provides insights for delivery teams to support adherence to operating company standards and policies. Provides expertise for system, platform or network cybersecurity enhancements for delivery teams to support greater risk mitigation.
  • Participates in analysis, diagnosis and assessment of cybersecurity related capabilities (systems, platforms, or networks), ensuring adequate performance, risk management, and capacity management. Conducts maintenance support for cybersecurity applications and related technology tools.
  • Delivers work in accordance with an agile mindset. Agile is a methodology supporting new ways of working emphasizing incremental delivery, value prioritization, often using scrum process. Assists in incremental value creation and business agility, adopting scrum or kanban methodologies as appropriate to their team. Kanban and scrum are frameworks used for organizing work in an agile way, focused on managing the flow of knowledge and operational work and driving continuous improvement for a team. Mentors less experienced technology staff on cybersecurity knowledge best practices, procedures, and processes.
  • Performs other duties as assigned (no more than 5% of duties).

($122,500 – $183,800 / year)

Education

  • Bachelor’s Degree in Information Systems, Software Engineering, Computer Science, related field or equivalent training and/or experience. Required

Experience

  • 5 years – Progressive experience working within IT and/or enterprise cybersecurity with experience in cybersecurity process, risk assessments, and troubleshooting of systems. Required
  • 3 years – Experience working with cybersecurity and technology, with experience in endpoint security, network security, risk management, and/or application security. Significant experience performing vulnerability assessments and/or remediating security vulnerabilities, and developing security capabilities. Required
  • 5 years – Experience with National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) or Risk Management Framework (RMF) such as NIST 800-53. Preferred
  • 3 years – Experience with hands-on development and programming of software and systems. Preferred

Knowledge, Skills & Abilities

  • Required:
  • Cybersecurity Acumen – Knowledge of cybersecurity design and architecture (application, data, and technical) with understanding of how systems and processes work together as aligned to business and IT imperatives. Advanced
  • Cybersecurity Engineering – Ability to deliver holistic support to secure systems, identifying threats and vulnerabilities in systems and applications, creating security applications and solutions, designing for resiliency and security to enhance security capabilities protecting data from theft, compromise or attack. Advanced
  • Cybersecurity Risk Assessment – Ability to evaluate existing systems and solutions for security risk and vulnerabilities, designing solutions and systems that provide quality and traceability of risk data and analytics to inform security recommendations. Advanced
  • Application Security – Ability to define and operate secure application programs, as well as perform security reviews and tests of applications to meet security and compliance requirements while minimizing the risks of losses through exploitable security defects in applications. Intermediate
  • Vulnerability Management – Ability to perform security reviews and tests to meet security and compliance requirements while effectively minimizing the risks of losses through exploitable security vulnerability. Intermediate
  • Network Security Skills – Ability to deliver network security services through preventing unauthorized access to network resources (data and voice systems), managing network security related incidents and providing on-going services to maintain network security operations functions (firewall, DMZ, corporate LANs, etc.). Intermediate
  • Identity and Access Management – Knowledge related to design and delivery of solutions for establishing user, applications and device credentials and processes for applying those credentials to access enterprise systems and applications. Intermediate
  • Development Languages – Knowledge and understanding of one or more IT programming languages and database architectures, and ability to write code and develop applications using those languages. Intermediate
  • Preferred:
  • DevSecOps Practices – Strong understanding of automation and security concepts and processes (e.g., test automation, code coverage, DevSecOps, Continuous Integration / Continuous Delivery (CI/CD) pipelines, etc.), and ability to drive the integration of development, operations, and security into enterprise software development. Intermediate
  • Software Delivery Frameworks – Strong knowledge of delivery frameworks such as Agile Scrum, Kanban, and/or Software Development Lifecycle (SDLC); proven ability executing projects in a collaborative, fast paced environment. Intermediate
  • IT Service Management – Ability to manage IT services lifecycle (service strategy, design, transition, operation, continuous service improvement) and use DevOps methodology and tools to analyze results. Intermediate

Licenses & Certifications

  • CompTIA Security+, Global Information Assurance Certification (GIAC) or GSSEC. Preferred

Other Qualifications

  • May require work outside of normal business hours and/or 24/7 response availability for system and application maintenance, enhancements, production releases and/or operational emergencies.

Benefits

SoCalGas offers a comprehensive benefits program to help support employees both personally and professionally. These benefits include, but are not limited to:

  • Competitive pay & Annual Bonus program
  • Medical, dental, and vision packages (plus free Mental Health resources/sessions)
  • 401K company match & Company provided Pension Plan
  • Work/Life Balance including generous PTO
  • Wellness Programs/Classes
  • Tuition/Education Reimbursement
  • Career Development Tools & Resources through SoCalGas University

Follow us on social media to stay current with what we've been up to on X, Facebook, YouTube, and Instagram.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
