Senior Cyber Threat Specialist
Company: PG&E Corporation
Location: Concord
Posted on: March 17, 2023
Job Description:
Requisition ID: # 145292
Job Category: Information Technology
Job Level: Individual Contributor
Business Unit: Information Technology
Work Type: Hybrid
Job Location: Concord
Department Overview
The Cybersecurity function is led by PG&E's Senior VP
and Chief Information Officer and is responsible for cybersecurity
and risk management across the organization. The Security
Intelligence and Operations Center (SIOC) is responsible for
ensuring that PG&E proactively identifies and assesses threats
to its user and operational network and data, monitors its network
for malicious activity, investigates intrusions and other relevant
events, and has a sophisticated and detailed understanding of the
evolving threat landscape.
Position Summary
- This senior analyst role with the SIOC Security Engineering team
delivers information security services in support of PG&E's
security operations center and cybersecurity goals / objectives.
- Utilizes a variety of commercial security tools, builds custom
scripts, and designs business processes to support the security
operations center.
- These activities are performed both proactively as part of
continuous improvement processes and dynamically as the security
operations center is responding to active threats.
- Additionally, the role may include activities to produce metrics
for the security operations center.
- PG&E is providing the salary range that the company in good
faith believes it might pay for this position at the time of the
job posting. This compensation range is specific to the locality of
the job.
- The actual salary paid to an individual will be based on
multiple factors, including, but not limited to, specific skills,
education, licenses or certifications, experience, market value,
geographic location, and internal equity.
- A reasonable salary range is:
Bay Area Minimum: $122,000
Bay Area Maximum: $194,000
and/or
California Minimum: $116,000
California Maximum: $184,000
Job Responsibilities
- Develop automation and orchestration use cases in a SOAR
- Develop innovative monitoring and detection solutions using
PG&E tools and other skillsets such as scripting
- Establish and maintain excellent working
relationships/partnerships with the cyber security and
infrastructure support teams throughout the Information Technology
organization, as well as business units
- Responsible for maintaining the configurations of content of
various key security tools to meet the business objectives of the
SIOC
- Prepare, document, and maintain standard operating procedures,
protocols, and technical references for security
solutions/tools
- Support processes to monitor the effectiveness and optimize the
capabilities of the security tools used by the SIOC
- Engineer and implement security measures for the protection of
systems, networks and information
- Mentor junior staff in cybersecurity techniques and
processes
- Research security technologies and collaborate with peers to
stay abreast of innovations in the industry
- Identify and define requirements for new security capabilities
and tools
- Evaluate new technologies and processes that enhance security
capabilities
- Test new security solutions using industry standard analysis
criteria
- Write technical articles for knowledge sharing
- Work with system owners and SIOC team members to find
innovative ways to solve or improve existing production security
issues
- Continuously optimize tool configurations to meet the needs of
security analysts
Qualifications
Minimum:
- High school diploma or GED (General Educational Development)
- 4 years security engineering experience
Desired:
- Bachelor's degree in Computer Science or job-related discipline
or equivalent experience
- Palo Alto Demisto/XSOAR SOAR
- IBM QRadar
- Palo Alto NGFW
- Experience working in a SOC or security analyst experience
- Knowledge of OT infrastructure, protocols, and security
techniques, especially utility OT
- Development and use of APIs for application integration
- Hands-on experience working with security systems such as
firewalls, intrusion detection systems, anti-virus software,
authentication systems, log management, content filtering,
orchestration and automation, etc.
- Basic technical project management
- Utility Industry
Knowledge, Skills, and Abilities
- Ability to write well-structured, understandable, efficient
scripts in a language such as Python, PowerShell, or
JavaScript.
- Proven working experience in building and maintaining security
systems
- Hands-on experience working with security systems, including
firewalls, intrusion detection systems, anti-virus software,
authentication systems, log management, content filtering, etc.
- Thorough understanding of the latest security principles,
techniques, and protocols
- Problem solving skills and ability to work under pressure
- Deep knowledge of log, network, and system forensic
solutions
- Deep knowledge of diverse operating systems, networking
protocols, and systems administration
- Deep knowledge of IT core infrastructure and cyber security
components/devices
- Deep knowledge of TCP/IP Networking and knowledge of the OSI
model
- Working knowledge of PG&E infrastructure preferred
- Ability to write clear, well-organized planning, process, and
technical documentation. Please provide a brief writing
sample.
- Ability to prioritize and pursue multiple critical tasks