SDG&E is an innovative San Diego-based energy company that provides clean, safe and reliable energy to better the lives of the people it serves in San Diego and southern Orange counties. The company is committed to creating a sustainable future by providing its electricity from renewable sources; modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and, investing in innovative technologies to ensure the reliable operation of the region’s infrastructure for generations to come. SDG&E is a subsidiary of Sempra Energy (NYSE: SRE).
Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.
Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.
The Senior Domain Engineer – Cybersecurity Incident Response runs cybersecurity capabilities with emphasis on detecting, responding and preventing cybersecurity incidents within the organization. Assesses risk and identifies mitigations. As a specialist in security techniques, provides visibility across the enterprise technology landscape to identify, assess and recommend risk mitigation tasks. Handles complex long-term initiatives in area of expertise, collaborating with multiple teams and stakeholders to develop improved cybersecurity technology and processes with a focus on continuous improvement.
Duties and Responsibilities
- Identifies and prioritizes enterprise level cybersecurity threats and risks with leadership, monitoring operational tools in order to reduce risks and vulnerabilities to the enterprise. Designs and evaluates related cybersecurity technology and technology tools according to delivery framework for business critical functional areas, to remediate cybersecurity risk. Ensures cybersecurity presence throughout development life cycles, supporting product teams with operational oversight and cybersecurity engineering consulting. Leverages DevSecOps expertise to enhance continuous monitoring by integrating security practices with product teams. Creates processes and templates for cybersecurity related implementations, focused on risk mitigation. Creates and maintains appropriate documentation for cybersecurity initiatives.
- Evaluates current state processes and drives selection of cybersecurity technology (systems, platforms, or networks) with an emphasis on automation to enable strategic capabilities. Analyzes new technology to identify and mitigate risks, leading efforts to define recommendations for security optimization. Proactively develops new security engineering capabilities that align with business needs, enterprise controls, and overall risk strategy. Develops procedures, processes and guidelines for implementing security controls, and technical assessments while co-creating with engineering and architecture teams for greater alignment. Provides insights for delivery teams to support adherence to operating company standards and policies. Provides expertise for system, platform or network cybersecurity enhancements for delivery teams to support greater risk mitigation.
- Participates in analysis, diagnosis and assessment of cybersecurity related capabilities (systems, platforms, or networks), ensuring adequate performance, risk management, and capacity management. Conducts maintenance support for cybersecurity applications and related technology tools.
- Delivers work in accordance with an agile mindset. Agile is a methodology supporting new ways of working emphasizing incremental delivery, value prioritization, often using scrum process. Assists in incremental value creation and business agility, adopting scrum or kanban methodologies as appropriate to their team. Kanban and scrum are frameworks used for organizing work in an agile way, focused on managing the flow of knowledge and operational work and driving continuous improvement for a team. Mentors less experienced technology staff on cybersecurity knowledge best practices, procedures, and processes.
- Performs other duties as assigned (no more than 5% of duties).