Senior Cyber Incident Responder
Concord, CA, US, 94518
Requisition ID # 173128
Job Category: Information Technology
Job Level: Individual Contributor
Business Unit: Information Technology
Work Type: Hybrid
Job Location: Concord
Department Overview
The Cybersecurity function is led by PG&E’s Senior VP and Chief Information Officer and is responsible for cybersecurity and risk management across the organization.
The Security Intelligence and Operations Center (SIOC) is responsible for ensuring that PG&E proactively identifies and assesses threats to its user and operational network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.
Position Summary
The Senior Cyber Incident Responder will be curious and knowledgeable regarding cyber security standards and technologies, able to work independently or with appropriate stakeholders as needed. You will provide the opportunity to focus on threat identification, proactive threat hunting, incident response, and cyber threat intelligence fusion. You will be part of a highly collaborative, dynamic, responsive, and agile team providing incident response and cyber defense services to IT & OT infrastructure.
This position is hybrid, working from your remote office and Concord, CA 3 days per week, or more, based on business needs or company requirements.
Job Responsibilities
- Maintain knowledge of adversary activities, including intrusion tactics, attack techniques and operational procedures.
- Investigate and respond to potential cybersecurity incidents
- Analysis of security event logs from a variety of sources
- Forensic analysis of potential evidence
- Static and dynamic malware analysis
- Network packet capture analysis
- Lead incident response efforts, coordinating resources as needed
- Documentation of analysis, including summarization for executive review
- Perform proactive threat hunting
- Work cross-functionally to recommend, facilitate, and test security control improvements
- Create and refine security operations workflows for new and existing tools
- Provide guidance to junior analysts
- Share on-call responsibility outside of business hours, onsite and remote
Qualifications
Minimum:
- High School or GED-General Educational Development-GED Diploma
- 4 years’ experience in IT-Information Technology security, including working in Security Operations Centers
Desired:
- Bachelor’s Degree in Computer Science or job-related discipline or equivalent experience
- Previous experience supporting cyber defense analysis of Operational Technology (OT) Networks, including Integrated Controls Systems (ICS), SCADA, and Process Control Networks (PCN).
- Formal IT Security/Network Certification, such as WCNA, CompTIA Security +, Cisco CCNA, GIAC GCIH, GMON, GCFA, GCFE, GREM, GICSP, GRID, or other relevant certifications
- Utility Industry experience
- Experience with compliance standards: NERC-CIP, SOX, TSA
- Previous experience working with various SIEM, EDR, and digital forensic technologies
- Experience with scripting in Python, PowerShell
- Malware reverse engineering skills
Compensation
PG&E is providing the full salary/pay range for this position. The actual amount paid to an individual will be based on multiple factors, including, but not limited to, internal equity, specific skills, education, licenses or certifications, experience, market value, and geographic location. The range to reasonably expect will be between the minimum and midpoint listed below. The final decision will be made on a case-by-case basis related to the factors above. This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.
Bay Area Min: $122,000.00
Bay Area Mid: $158,000.00
Bay Area Max: $194,000.00
Nearest Major Market: San Francisco
Nearest Secondary Market: Oakland