Cybersecurity Manager – Engineering & Architecture (Value Capability Manager)

Full-time
San Diego Gas & Electric
Description
Job Description

SDG&E is an innovative San Diego-based energy company that provides clean, safe and reliable energy to better the lives of the people it serves in San Diego and southern Orange counties. The company is committed to creating a sustainable future by providing its electricity from renewable sources; modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and, investing in innovative technologies to ensure the reliable operation of the region’s infrastructure for generations to come. SDG&E is a subsidiary of Sempra Energy (NYSE: SRE).

 

Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.

 

Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.

 

For more information, visit SDGEnews.com or connect with SDG&E on Twitter (@SDGE), Instagram (@SDGE) and Facebook.

 

Primary Purpose

 

The Manager of Cybersecurity Engineering & Architecture will provide overall management for people, process, and technology capabilities for the Cybersecurity Engineering and Architecture teams. This role works with the various teams and stakeholders to ensure the necessary security standards are in place for on-premises and cloud infrastructure.

 

Leads Cybersecurity Centers of Excellence and the delivery of Cybersecurity Engineering & Architecture services. Ensures compliance and business continuity for applications, data assets, and platforms. Meets customer expectations and/or Service Level Agreements for cybersecurity project performance and execution. As a manager of cybersecurity engineering teams, supervises technical track staff such as Cybersecurity Domain Engineers, Domain Architects, Enterprise Architects, and others as assigned. Mentors and supports technical staff, drive technical skill development. Ensures that modern cybersecurity engineering practices are followed. Builds forward-looking cybersecurity capabilities for organization.

 

May act as an service owner, overseeing medium to large cybersecurity vendor contracts and relationships, and managing the strategy, vision, and roadmap for the services provided. Works with contractors through the external vendor manager directly or their back office support for any assigned work, to lead status meetings with the external vendor manager to review progress and quality of assigned work. Assists as needed with providing company protocols, scope of work, and contract adjustments where valid and approved by company.

Duties and Responsibilities

  • Lead teams of cybersecurity engineers and architects accountable for the development of security reference architectures, policies, standards and engineering guidelines to build security into technology used by the company. Supports complex projects requiring security architecture and engineering solutions. Sets vision and roadmap for development of technical cybersecurity capabilities they are responsible for providing to enterprise. Manages enterprise cybersecurity technology needs, stakeholder relationships, and capability maturity. Collaborates with Group Product Managers and architects to drive enterprise-wide adoption of capability under their leadership. Evaluates and prioritizes strategic opportunities to enable technology organization to safely deliver on business priorities. Proactively champions new opportunities for automation, innovation, and technical excellence within the Cybersecurity organization, bringing thought leadership and deep technical expertise to drive adoption. Owns quarterly planning and roadmaps for the Cybersecurity Engineering capabilities.
  • Manages executive relationships to maintain strategic direction and pipeline of work. Holds full accountability for success of designated function or department. Drives performance against measurable functional, operational, and strategic priorities. Prioritizes work based on stakeholder needs and objectives and ensures the deployment of people, process, and technology resources is aligned to IT strategy. Provides technical leadership to manage planning, refinement, execution and review of critical initiatives.
  • Leads oversight of timeliness and quality of vendor services and deliverables. Works in partnership with Supply Management and IT Vendor Management Office (VMO) to support Business Review meetings, reviewing performance, quality and continuous improvement of service delivery. Assists as needed with providing SDG&E protocols, scope of work, and contract adjustments where valid and approved by SDG&E. Provides strategic direction to develop Service Level Agreements, technology standards and guidelines. Works through the external vendor manager to ensure high performance standards and success of critical technology programs through strong performance management and measurement. Assesses vendor capabilities, ensuring a clear understanding of platforms, strategies, roadmaps, and releases. Drives definition of enterprise strategy, platform, and capability roadmaps to deliver critical functionality to the Cybersecurity organization. Partners with peers across the cybersecurity organization to identify new innovations, capabilities and solutions that improve security posture of the company.
  • Define, support and expand the implementation of an operational framework focused on Agile/DevSecops Cybersecurity organization and repeatable automation with reference architectures.
  • Provides leadership to a large team, providing direction, motivation, and strategic oversight. Owns all aspects of employee management for a large team, directing work and providing guidance. Responsible for all aspects of performance management, training and development. May supervise team leads.
  • Approves contracts and services with 3rd party vendors, up to $500,000.
  • Performs other duties as assigned (no more than 5% of duties).
Qualifications

Required Qualifications: 

  • Bachelor’s Degree in Cybersecurity/Information Security, Computer Science, Information Systems, Software Engineering, Business Administration, related field or equivalent training and/or experience.
  • 8 years – Progressive experience in Cybersecurity, IT project management, or related field. Experience working with IT financial and/or vendor management highly desired.
  • 3 years – Related supervisory and/or lead experience.
  • 2 years – Experience working with Cybersecurity frameworks and controls, such as NIST, CSF, ISO, etc.
  • Knowledge and ability to implement Cybersecurity frameworks and controls.
  • Knowledge of IT & OT Cybersecurity best practices.
  • Stakeholder Management – Ability to create and maintain strong relationships with stakeholders in order to drive outcomes and create alignment around a vision or course of action.
  • Cybersecurity Project Delivery – Proven ability executing projects in a collaborative, fast paced environment. Knowledge on how to implement and use agile methodologies within the Cybersecurity area.
  • Communication for Technical Leadership – Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.).
  • Technology Trends – Demonstrates a strong understanding of emerging trends in the cybersecurity landscape, including new technologies, processes, and ways of working. Able to determine the impact of technological advancement on the company’s systems, applications, infrastructure, and practices.
  • Vendor / Contract Management – Ability to build effective relationships with third party providers, suppliers, and partners.

    Financial Acumen – Strong financial acumen, including the ability to accurately report spending in the cybersecurity function and an understanding of both CapEx and OpEx budgets.

Preferred Qualifications: 

  • 3 years – Experience in agile methodologies, and agile project management techniques such as Lean Portfolio Management (LPM).
  • 2 years – Experience working with DevSecOps practices, including Continuous Integration / Continuous Delivery (CI/CD) pipelines.
  • 2 years – Experience working within the energy sector or with a utility.
  • Knowledge and experience using various cybersecurity tools within the DevSecOps phases.Automation and Security Concepts – Knowledge of automation and security concepts (e.g., test automation, code coverage, CI/CD pipelines, SDLC, etc.)
  • Business Functional Knowledge – Knowledge and understanding of the business context, market and operational functions of the operating company, and the wider utilities industry.
  • Service Design and Management – Manage the design of one (or more) information-based technology-enabled service through addressing requirements from Capacity Management, Information Security Management, Availability Management, Service Continuity Management, Supplier Management and Service Level Management).

May require work outside of normal business hours and/or 24/7 response availability for system and application maintenance, enhancements, production releases and/or operational emergencies.

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.

Menu