SDG&E is an innovative San Diego-based energy company that provides clean, safe and reliable energy to better the lives of the people it serves in San Diego and southern Orange counties. The company is committed to creating a sustainable future by providing its electricity from renewable sources; modernizing natural gas pipelines; accelerating the adoption of electric vehicles; supporting numerous non-profit partners; and investing in innovative technologies to ensure the reliable operation of the region’s infrastructure for generations to come. SDG&E is a subsidiary of Sempra Energy (NYSE: SRE).
Our highly trained and responsive employees with their diverse skills, talents and ideas are the reason we can deliver on our commitment and are building America’s best energy company. They are also the reason why we have been recognized with the industry’s most coveted awards. Our employees undertake challenging work, and receive highly competitive compensation and benefits. As one of the region’s largest employers, we’re always searching for talented and bright people to join our team. After all, it takes the best to build the best. Learn more about benefits HERE.
Diversity and inclusion are core values of SDG&E. Empowering our employees to be their whole selves at work is our competitive advantage. This is where new ideas come from and meaningful collaboration gets an authentic start. By bringing together people with different perspectives, diverse backgrounds and real commitment to their own individuality, we have built a stronger business. Learn more about our commitment to diversity and inclusion HERE.
Provides oversight and guidance to ensure strict adherence to North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance standards and requirements. Provides direction to operations personnel and business units on the interpretation and evidence collection requirements needed to meet and/or exceed NERC CIP standards and requirements. Performs frequent reviews of evidence, reports, and personnel records to maintain NERC CIP compliance posture. Develops and maintains documentation, processes, and procedures to support NERC CIP operations and business units.
Duties and Responsibilities
– Oversees and maintains strict adherence to NERC CIP compliance efforts.
– Develops and maintains up-to-date reports and evidence for NERC CIP standards and requirements for audit purposes.
– Performs reviews of system-generated evidence and reports configurations to ensure compliance requirements are met and/or exceeded.
– Develops and maintains standards, processes, and procedures for the safe and reliable operation of hardware, software, applications and network equipment.
– Proactively develops and maintains risk-based internal controls that will be used in support of processes and procedures.
– Mentors Cybersecurity CIP Team personnel on NERC CIP best practices and process.
– Performs other duties as assigned (no more than 5% of duties).
– Bachelor’s Degree in Computer Science, other science/technology major or equivalent training and/or experience.
– 6 years – Detailed experience with IT compliance related activities (NERC CIP, SOX, HIPAA, DoD).
– 5 years – Demonstrated advanced experience, proficiency and deep understanding of compliance evidentiary requirements in relation to IT infrastructure, applications, or networks, operations and configuration management.
– 5 years – Detailed experience with NIST Cybersecurity Framework (CSF) or Risk Management Framework (RMF) (e.g. NIST 800-53, ISO 27000).
– Working knowledge of evolving cybersecurity threats and best practice for mitigation.
– Knowledge of IT compliance related activities.
– Results oriented, high energy, and self-motivated.
– Excellent written and verbal communication skills.
– Excellent teamwork skills.
– Valid driver’s license, required only when driving company vehicles.
– 24 Hour Response Availability.
– Travel to other business units as required.
– Must reside in Southern California or be willing to relocate upon hire.
– We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office two to three days per week and work remotely on the remaining workdays.
– (ISC)² Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate or equivalent.
– Experience with NERC CIP compliance requirements.
– Experience in the Energy or Utilities sector.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.