Cybersecurity Critical Infrastructure Protection Operations Specialist

Location San Diego, CA
Date Posted May 22, 2021
Category Default
Job Type Full-time


At SDG&E, we are committed to the community we call home, delivering clean, safe and reliable energy to better the lives of the people we serve in San Diego and southern Orange counties. Our commitment means 40% of the energy that SDG&E delivers to customers comes from renewable sources, exceeding California’s Renewable Portfolio Standard. We are modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and, investing in innovative technologies to ensure safe and reliable operation of the region’s infrastructure for generations to come. Learn more about our commitment to delivering clean, safe and reliable energy HERE.

Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.

Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.

Primary Purpose:
Contributes to the effective operation of Critical Infrastructure Protection environment to ensure safe and reliable operations of all associated software, hardware, application, and network equipment in direct support of the Bulk Electric System operations. Provides input for the design, implementation, configuration for all assets in accordance with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance standards and requirements. Performs frequent vulnerability assessments and technical assessments of hardware, software, application, and network equipment and provide recommendations and remediation solutions for findings.

Duties and Responsibilities:

* Maintains, configures, and operates hardware, software, and applications that meet or exceed NERC CIP standards and requirements.
* Assists in the development and exporting of system generated evidence from assets in support of NERC CIP standards and requirements for audit purposes.
* Performs vulnerability assessments to identify security risks to the environment.
* Performs reviews of software, hardware, and network configurations to ensure technical security controls and best security practices are met or exceeded.
* Assists in the development of new security capabilities that align with the business need, security controls, and NERC CIP Standards and requirements.
* Assists in the development of procedures for the safe and reliable operation of hardware, software, applications and network equipment.
* Mentors other Cybersecurity CIP Team Specialist and Analyst personnel on cybersecurity knowledge best practices and process.
* Performs other duties as assigned (no more than 5% of duties).

Required Qualifications: 

* Bachelor's Degree in Computer Science, or other science/technology major, or equivalent training and/or experience.
* 4 years’ experience in IT, Cybersecurity, Information Security or equivalent disciplines, including demonstrated experience and understanding of infrastructure, applications, networks, operations and configuration management.
* 3 years’ experience within the information security field (e.g. endpoint security, network security, or application security).
* Valid Driver’s License for only when driving company vehicles.

Preferred Qualifications: 

* Experience performing vulnerability assessments and/or remediating vulnerabilities.
* Experience with NIST Cybersecurity Framework (CSF) or Risk Management Framework (RMF) such NIST 800-53.
* Experience with NERC CIP compliance requirements.
* Experience in the Energy or Utilities sector.
* Knowledge of system or network configuration management, change management, baseline management.
* Knowledge of system security vulnerabilities, exploitation, and remediation techniques.
* Demonstrated awareness of evolving cybersecurity threats and best practice for mitigation.
* Results-oriented and self-motivated.
* Excellent written and verbal communication skills.
* Excellent teamwork skills.
* CompTIA Security+, Global Information Assurance Certification (GIAC), or GSEC.
* 24 Hour Response Availability.24x7 availability.
* Travel to other business units as required.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled