SDG&E is an innovative San Diego-based energy company that provides clean, safe and reliable energy to better the lives of the people it serves in San Diego and southern Orange counties. The company is committed to creating a sustainable future by providing its electricity from renewable sources; modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and, investing in innovative technologies to ensure the reliable operation of the region’s infrastructure for generations to come. SDG&E is a subsidiary of Sempra Energy (NYSE: SRE).
Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.
Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.
The Domain Engineer II – Cybersecurity contributes to the cybersecurity capabilities for the organization. Collaborates with cybersecurity teams to identify and mitigate risks to ensure Information Technology (IT) and Operations Technology (OT) applications, information, network, and infrastructure are designed and implemented to reduce risk to an acceptable level. Performs and assists other staff in performing IT and OT security risk assessments of projects, programs and/or cybersecurity controls and tools. Participates in company projects from a cybersecurity technical perspective.
Duties and Responsibilities
- Conducts investigations pertaining to potential data breach scenarios involving Company data, Customer Data and other regulated information. Participates with security team by identifying low to medium risk enterprise-level cybersecurity threats and risks. With team direction, supports product teams with cybersecurity consulting and embracing a continuous monitoring approach. Evaluates cybersecurity technology tools according to delivery framework for business-critical functional areas. Drafts documentation for implementations of cybersecurity systems or technology, documenting process and contributing to reports on potential enhancements and proposed controls.
- Author reports documenting the investigation and describing the data at risk and the quantity thereof. Work with legal teams and business units to discuss investigations and provide findings. Performs low to medium risk security risk analysis and assessments of company infrastructure and assets for company business units and assists in developing and delivering final assessment reports. May assist other cybersecurity staff with security risk assessments that are more complex or larger in scope. Completes analyses focused on supporting performance, risk assessment, and capacity management in the end-to-end assessment of cybersecurity related capabilities (where a capability is a technical service, process, function, or application, e.g. cybersecurity compliance, risk management). Supports maintenance of cybersecurity systems and related technology tools.
- Assist in identification of enterprise level cybersecurity threats and risks, investigates, documents and participates in Third Party Risk Management activities. Participates in evaluation and selection of cybersecurity technology (systems, platforms, or networks) to mitigate identified risks, with an emphasis on automation to enable strategic capabilities, including risk assessments and process reviews as part of the technical team. Partners with other engineers and architects to ensure cybersecurity impacts are noted and performance needs are met.
- Delivers work in accordance with an agile mindset. Agile is a methodology supporting new ways of working emphasizing incremental delivery, value prioritization, often using scrum process. Assists in incremental value creation and business agility, adopting scrum or kanban methodologies as appropriate to their team. Kanban and scrum are frameworks used for organizing work in an agile way, focused on managing flow of knowledge and operational work and driving continuous improvement for a team.
- Performs other duties as assigned (no more than 5% of duties).