Share this Job

Senior Cybersecurity Solution Analyst

San Francisco, CA, US, 94105

Requisition ID # 28043 

Job Category : Information Technology 

Job Level : Individual Contributor

Business Unit: Customer Care

Job Location : San Francisco


Department Overview

The PG&E Cybersecurity team is a dynamic group of security professionals, working to protect our critical assets, adapting and growing to meet the challenges from ever-evolving adversaries. The successful candidate for this team will have a unique opportunity to protect PG&E’s key cyber-assets from attack, especially the systems that ensure the reliable and affordable delivery of electric and natural gas services to two-thirds of California. The team provides governance and direction of initiatives to safeguard PG&E’s cyber-assets, working hand in hand with other Information Technology partners, as well as technical and engineering experts in PG&E’s lines of business. The team also deploys and manages technology platforms that implement and support security controls. The Cybersecurity team consists of security professionals with multiple years of experience in their chosen disciplines, including:


  • Cybersecurity Risk & Strategy
  • Identity & Access Management
  • Network Security Design & Engineering
  • Vulnerability Assessment & Metrics
  • Security Intelligence & Operations


Position Summary

The Senior Cybersecurity Solution Analyst is responsible for the assessment, verification, review, and audit of security/privacy controls and overall security/privacy posture of Third-Party vendors against PG&E security standards, best practices and regulatory requirement across the enterprise. This position is also responsible for risk analysis, risk determination, and Third-Party risk management governance support across the enterprise. The Senior Cybersecurity Controls Assessor builds and maintains relationships with Business Unit partners to understand business requirements, issues resolution, and sustained overall customer satisfaction. 




  • Bachelor’s degree in Computer Science or related field, or equivalent work experience
  • 3 or more years of general IT experience, including IT security or IT risk management experience



  • Utility industry experience
  • Excellent problem-solving and decision making ability
  • Excellent written and verbal communication skills
  • Excellent technical documentation skills
  • Professional demeanor, exceptional interpersonal skills, including teamwork, facilitation and negotiation
  • Team player, highly collaborative, able to work cross-functionally
  • Resourceful and self-motivated, able to work independently when required
  • Able to lead teams of up to five individuals in A&V and cross-functional activities
  • Broad breadth of technical skills and experience in IT, security, and privacy; able to “wear multiple hats” even within the boundaries of the A&V COE
  • Excellent planning, organizational and project management skills; detail and process-oriented; able to multi-task a number of different projects
  • Provides technical leadership and serves as a senior level technical expert in area(s) of their specialty  


Job Responsibilities

  • Assist, Execute and support Third party vendors security and risk assessments, audits, tests, and verification activities.
  • Validate controls are operating effectively.
  • Work under consultative direction to review test results or interpret evidence.
  • Within area(s) of specialty, develop control test procedures, vulnerability-testing code writing capability, and other analytical tools to support Third Party Security and Risk Management activities and services.
  • Document results of assessments, audits, tests, and verification activities.
  • Create and maintain Third Party Security and Risk group, project, and service-aligned documentation.
  • Perform or support review of security control modifications, as required.
  • Develop ability to speak and understand security terminology, especially those related to Information Assurance.
  • Conduct Security Testing and Generate Risk Scores on all Assessment Findings.
  • Maintain metrics for Third Party Security and Risk management, Administer and use system/ Tools to analyze risks, including vulnerabilities, impact upon occurrence, and likelihood of threats.
  • Working knowledge of security domains, auditing standards and frameworks, and risk analysis frameworks.
  • Develop partnerships with business owners and operational stakeholders, in identifying and resolving control deficiencies, and addressing information security and privacy vulnerabilities.
  • Develop situational awareness, stay informed or current technology and vulnerabilities, and contribute to PG&E and industry in the area(s) of their specialty.
  • Perform other tasks, as requested, to ensure that the Third Party Security and Risk management group meets its commitments to its customers.



Our Mission

To safely and reliably deliver affordable and clean energy to our customers and communities every single day, while building the energy network of tomorrow.

Our Vision

With a sustainable energy future as our North Star, we will meet the challenge of climage change while providing affordable energy for all customers.

Our Culture

We put safety first.
We are accountable. We act with integrity, transparency and humility.
We are here to serve our customers.
We embrace change, innovation and continuous improvement.
We value diversity and inclusion. We speak up, listen up and follow up.
We succeed through collaboration and partnership. We are one team.

Pacific Gas and Electric Company (PG&E), a subsidiary of PG&E Corporation (NYSE:PCG), is one of the largest combined natural gas and electric companies in the United States. Based in San Francisco, our 24,000 employees deliver safe, reliable, affordable and clean energy to nearly 16 million people throughout our Northern and Central California service area, stretching from Eureka to Bakersfield and from the Pacific Ocean to the Sierra Nevada.

More About Our Company

Pacific Gas and Electric Company is an Affirmative Action and Equal Employment Opportunity employer that actively pursues and hires a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, age, religion, physical or mental disability status, medical condition, protected veteran status, marital status, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information or any other factor that is not related to the job.

Nearest Major Market: San Francisco
Nearest Secondary Market: Oakland