Loading...
Share this Job

Principal Cybersecurity Technology Architect

San Francisco, CA, US, 94105

Requisition ID # 33142 

Job Category : Information Technology 

Job Level : Manager/Principal

Business Unit: Customer Care

Job Location : San Francisco

Position Summary


As a Cybersecurity Technology Architect, Principal in the Cybersecurity Architecture team, you will be responsible for the development of repeatable and practical architecture to support the secure design and delivery of technology platforms to protect PG&E against cyberattacks. In this position, you will be a key technical leader in building and maintaining the PG&E security architecture practice. You will be particularly responsible for strategy and governance of architecture for the major functions needed to support the identification of security controls, the detection of cybersecurity events and issues, and the prevention of cyberattacks. Important deliverables include technology roadmaps, domain reference architectures, and design patterns that support the deployment of interoperable platforms to implement effective security controls and meet compliance requirements. You will be expected to ensure that security requirements are met in an efficient, sustainable, adaptable, and reusable manner. You will need to maintain a focus on both the present and the future, keeping in mind that cyberattacks against PG&E’s critical infrastructure are constantly evolving. You will be collaborating with multiple teams, both within the Security department and with other PG&E lines of business.

 

Job Responsibilities

 

Your roles and responsibilities will encompass three broad areas – strategic cybersecurity architecture and design, interfacing with Information Technology architects, and governance of cybersecurity solutions. Strategy and tactics are complementary and equally important, with both top-down and bottom-up analysis required depending upon individual circumstances. You will be exposed to all levels of architecture and design in this role.

 

Strategic Cybersecurity Architecture

  • Taking a leading role, you will collaborate with other team architects to define and refine capabilities and architectural domains for cybersecurity services.
  • Taking a leading role, you will collaborate with team architects to develop and revised design patterns and roadmaps for cybersecurity domains.
  • You will develop and update service menus for cybersecurity domains.
  • You will model threats and identify controls to mitigate the risk that a successful attack will occur.
  • You will ensure that architectural deliverables are properly documented and kept up-to-date.
  • You will provide peer review and support for Cybersecurity’s organizational deliverables.
  • You will engage with risk consultants to ensure that design patterns will mitigate cyberattack risks.
  • You will work with solution architects to ensure that design patterns are realistic and effective, revising those patterns as needed to keep pace with evolving technology and constantly shifting cyberattacks.
  • You will engage with vendors, consultants, and others to identify trends in cybersecurity solutions and to develop strategies to ensure that PG&E will continue to be protected against constantly evolving cyberattacks.
  • You will be a key participant in the company’s integrated planning processes, identifying and prioritizing cybersecurity projects for funding and deployment, maintaining or improving PG&E’s ability to protect against cyberattacks.

 

Interface with Information Technology

  • You will be an important interface with IT domain architects and IT solution architects.
  • You will be the voice of cybersecurity for key IT and operational technology initiatives, ensuring that controls against cyberattack are built into platforms from the very initial phases of those initiatives.
  • You will engage with technology governance processes in IT and the lines of business.
  • You will ensure that technology solutions align with and integrate regulatory requirements such as HIPAA, SOX, NERC-CIP, CCPA, etc.
  • You will be one of PG&E’s cybersecurity subject-matter experts providing critical and timely insight into security best practices and the security controls required for the secure deployment of all platforms.

 

Governance of Cybersecurity Solutions

  • You will participate in processes to govern the introduction and lifecycle of cybersecurity technology platforms.
  • You will establish requirements to ensure that cybersecurity technology platforms are interoperable and effective.
  • You will work with engineering and operations teams to identify issues and problems with cybersecurity technology platforms and solutions to those issues and problems.
  • You will determine when cybersecurity technology platforms need to be refreshed or replaced, identifying and selecting new and next-generation platforms as needed.

 

Competencies


To be successful in this role, you will need to demonstrate the following skills and attributes:

  • Foremost, a collaborative and mutually supportive attitude toward architecture team members.
  • Collaboration with stakeholders such as Enterprise Architecture, Cybersecurity Services (engineering), the Security Information and Operations Center, and the Cloud Center of Excellence.
  • Technical foresight and leadership in the selection and planning of cybersecurity technologies and their deployment.
  • Flexibility within numerous changing situations, working with individuals and groups.
  • Willingness to coach and mentor other team members, particularly those with less experience.
  • The ability to change ideas or perceptions in response to changing circumstances.
  • Focus on customer service with the attitude of delivering excellent outcomes.
  • Thinking strategically and tactically about business, product, and technical challenges.
  • Courage to speak up to identify gaps and problems.
  • Comfort with ambiguity and large, complex technology environments.
  • Ability to prioritize, multi-task, and plan around deadlines.
  • Striking the right balance between operating independently and following established standards and procedures.
  • Effective analysis and problem-solving skills, often under deadline pressure.
  • Effective and polished verbal and written communication.
  • Commitment to quality design and implementation.

 

Qualifications


Minimum:

  • Eight years of information technology experience including experience in cybersecurity architecture and/or cybersecurity technology application or infrastructure implementation.
  • B.S. degree or equivalent work experience in computer Science, computer engineering, business administration, or related field; or equivalent experience.

 

Desired:

  • M.S. degree in computer science, computer engineering, or equivalent.
  • At least one relevant certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
  • Process design, information modeling and/or system architecture development with project or portfolio focus in at least one of the following: application architecture, network architecture, service-oriented architecture (SOA), information architecture, data management, or security technologies.
  • Experience with operational support for applications, systems, databases or network infrastructure.
  • Expertise in protecting critical infrastructure.
  • Expertise in data-protection mechanisms and cryptographic algorithms.
  • Demonstrated knowledge of technological trends and developments in cybersecurity.
  • Knowledge of cybersecurity technologies and products deploying those technologies.
  • Knowledge of cybersecurity risk management and associated metrics.
  • Knowledge of regulatory requirements (including but not limited to HIPAA, SOX, NERC-CIP, TSA, CCPA, other privacy legislation).
  • Experience with industrial-control system (ICS) technologies commonly used in utilities.
  • Experience with enterprise architecture tools.
  • Experience providing direction to design and engineering staff.
  • Experience providing direction to one or more architects.
  • Strong communication skills, tailored for and appropriate to multiple audiences.

 

 

 

Our Mission

To safely and reliably deliver affordable and clean energy to our customers and communities every single day, while building the energy network of tomorrow.

Our Vision

With a sustainable energy future as our North Star, we will meet the challenge of climate change while providing affordable energy for all customers.

Our Culture

We put safety first.
We are accountable. We act with integrity, transparency and humility.
We are here to serve our customers.
We embrace change, innovation and continuous improvement.
We value diversity and inclusion. We speak up, listen up and follow up.
We succeed through collaboration and partnership. We are one team.

Company
Pacific Gas and Electric Company (PG&E), a subsidiary of PG&E Corporation (NYSE:PCG), is one of the largest combined natural gas and electric companies in the United States. Based in San Francisco, our 24,000 employees deliver safe, reliable, affordable and clean energy to nearly 16 million people throughout our Northern and Central California service area, stretching from Eureka to Bakersfield and from the Pacific Ocean to the Sierra Nevada.

More About Our Company

EEO
Pacific Gas and Electric Company is an Affirmative Action and Equal Employment Opportunity employer that actively pursues and hires a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, age, religion, physical or mental disability status, medical condition, protected veteran status, marital status, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information or any other factor that is not related to the job.

Employee Privacy Notice                                                                                                                                                                                                                                      The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. CCPA grants new and far-reaching privacy rights to all California residents. The law also entitles  job applicants, employees and non-employee workers to be notified of what personal information PG&E collects and for what purpose. The Employee Privacy Notice can be accessed through the following link: Employee Privacy Notice

PG&E will consider qualified applicants with arrest and conviction records for employment in a manner consistent with all state and local laws.