Security Engineer

Requisition ID # 166915 

Job Category: Information Technology 

Job Level: Individual Contributor

Business Unit: Information Technology

Work Type:

Job Location: Concord

Department Overview

Information Systems Technology Services is a unified organization comprised of various departments which collaborate effectively to deliver high quality technology solutions.

The Security Intelligence and Operations Center (SIOC) is responsible for ensuring that PG&E proactively identifies and assesses threats to its user and operational network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.

Position Summary

The Career Security Engineer delivers information security services in support of PG&E's enterprise security goals and objectives. You will use a variety of commercial and custom tools and processes to provide the information security services. You will also design improvised solutions on the fly when dealing with active threats. Additionally, you will produce metrics and statistics that feed complimentary processes in PG&E such as, but not limited to risk assessment, patching, anti-virus, firewall management, etc.

This position is hybrid, working from your remote office and Concord, CA approximately 3 days per week, or more, based on business needs.

PG&E is providing the hourly range that can reasonably be expected for this position at the time of the job posting. This hourly range is specific to the locality of the job. The actual hourly rate paid to an individual will be based on multiple factors, including, but not limited to, internal equity, specific skills, education, licenses or certifications, experience, market value, and geographic location. The decision will be made on a case-by-case basis related to these factors.​ This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.  

The hourly rate for this position ranges from $49.03 to $69.80.

Job Responsibilities

• Configuration and support of AWS security services (e.g., GuardDuty, Detective, CloudTrail)
• Configuration and support of Azure security services (e.g., Defender for O365, Defender for Cloud Application Security, Defender for Identity)
• Support SIOC and cybersecurity projects
• Support the optimization of tool configurations to meet the needs of security analysts
• Prepare, document, and maintain standard operating procedures protocols, and technical references for security solutions/tools
• Support processes to check the effectiveness and optimize the capabilities of the security tools used by the SIOC
• Engineer and implement security measures for the protection of systems, networks and information
• Research security technologies and collaborate with peers to stay abreast of innovations in the industry
• Identify and define requirements for new security capabilities and tools
• Evaluate new technologies and processes that enhance security capabilities
• Test new security solutions using industry standard analysis criteria
• Write technical articles for knowledge sharing

Qualifications

Minimum:

• High School or GED-General Educational Development-GED Diploma
• Experience in IT-Information Technology, IT security, or related 2 years

Desired:

• Bachelor’s Degree in Computer Science or job-related discipline or equivalent experience
• Experience configuring the security configurations of AWS cloud services
• Experience configuring the security configurations of Azure cloud services
• Experience using Terraform to deploy cloud resources to support the security services
• Experience working in a SOC or security analyst experience
• Development and use of APIs for application integration
• Some experience working with security systems such as firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, orchestration and automation, etc.
• Some experience with Palo Alto XSOAR SOAR, IBM QRadar, Palo Alto NGFW
• Utility Industry

Knowledge, Skills, and Abilities

• Ability to write well-structured, understandable, efficient scripts in a language such as Python, Powershell, or Javascript.
• Proven working experience in building and maintaining security systems
• Thorough understanding of the latest security principles, techniques, and protocols
• Critical thinking skills and ability to work under pressure
• Deep knowledge of diverse operating systems, networking protocols, and systems administration
• Deep knowledge of IT core infrastructure and cyber security components/devices
• Deep knowledge of TCP/IP Networking and knowledge of the OSI model
• Working knowledge of PG&E infrastructure preferred
• Ability to write clear, well-organized planning, process, and technical documentation. 
• Ability to prioritize and pursue multiple critical tasks