Security & Compliance, Specialist

Job Description

Become a Security & Compliance, Specialist at Southern California Edison (SCE) and build a better tomorrow. In this job, you'll support the implementation of business requirements, assists in gap analyses, and contributes to the development of control strategies and risk mitigation efforts. This role helps identify regulatory challenges and opportunities within the current and evolving compliance landscape.

The specialist provides input on new product structures and ensures they align with applicable regulatory requirements. They assist in meeting NERC CIP and Grid compliance obligations, including security reporting and audit preparation. Working under the guidance of the Program Manager, the specialist helps maintain operational efficiency and supports day-to-day compliance with NERC CIP standards.

The role involves collaboration with various departments such as Transmission & Distribution, Corporate Security, Generation, Energy Procurement, and Ethics & Compliance to support program deliverables and ensure effective communication with stakeholders. While the work is largely collaborative, the specialist is expected to operate independently within defined responsibilities and contribute to cross-functional compliance initiatives within the Grid Services and IT departments.

As a Security & Compliance, Specialist, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?

Responsibilities

• Implements and monitors security measures for the protection of computer systems, networks and information
• Implements and interprets system security requirements
• Coordinates the user access program for all systems both on premise and those hosted by third parties including the initial set up of users, ongoing reviews, and removal of users due to terminations and separations
• Prepares and documents standard operating procedures (SOPs) and protocols
• Delivers comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Develops technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Implements confidentiality measures that protects against unauthorized access, modification, or destruction and helps to develop IT security policies and standards to support the security objectives
• Executes risk management analysis to identify areas of risk and develops security measures to prevent loss and assists in the mitigations of those risks
• Delivers effective data management in correlation to group support needs
• Provides troubleshooting, problem analysis, debugging, and resolution of assigned systems issues
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

Minimum Qualifications

• Three or more years of experience in information technology, information security and/or cybersecurity.

Preferred Qualifications

• Bachelor's Degree in Engineering, Business, Information Technology, JD, or related field.
• One or more years of experience working with industry-standard frameworks such as NIST, ITIL, COBIT, CSF, and ISO 27001, supporting cybersecurity, IT governance, or compliance initiatives.
• Experience with regulatory compliance in utility or other industry with exposure to NERC or FERC standards and audit processes.
• One or more years of experience in supporting diverse IT infrastructure and operating systems, with proficiency in basic scripting (e.g., PowerShell, Bash) or advanced Excel skills for automation, reporting, and data analysis.
• Should be a good team player and detail oriented.
• CISA, Security+ or any compliance or cyber security certification.

Additional Information

• This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to work and reside in the state of California. Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!

• Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

• Position will require up to 10% traveling and being out in the field throughout the SCE service territory.

• This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.

• This position has an option for a 9/80 Alternate Work Schedule or 40hrs/5 days a week.

• Relocation does not apply to this position.