Cybersecurity Analyst - Governance, Risk, and Compliance (GRC)
Sempra Infrastructure
Develops, builds, operates and invests in North American energy infrastructure, incl. LNG, power and pipelines.
Drive cybersecurity awareness, GRC, risk management, and compliance initiatives.
13 days ago
Intermediate (4-7 years)
Full Time
Houston, TX
Office Full-Time
Company Size
2,000 Employees
Service Specialisms
Energy Infrastructure
Natural Gas
Liquefied Natural Gas (LNG)
Renewable Energy
Power Generation
Pipeline Transportation
Storage Solutions
Sector Specialisms
LNG
Low Carbon Solutions
Energy Networks
Clean Power
Net-zero Solutions
Modernized Energy Networks
Role
Description
risk management
contract review
threat intelligence
security assessments
soc ii audits
awareness program
Increases the level of maturity in risk management and controls.
Coordinates Cybersecurity Ambassadors Community and champions cultural change initiatives across business units.
Reviews cybersecurity clauses in contracts, applicability criteria, exception requests and mitigating controls in accordance with company policies and industry standards.
Designs, implements, and manages a comprehensive Cybersecurity Awareness Program, including phishing simulations, threat education campaigns, and targeted training for high-risk roles.
Contacts and coordinates vendor, carrier, and remote support when necessary to resolve high-impact security issues.
Develops and monitors cybersecurity KRIs and KPIs.
Monitors Cyber Threat Intelligence resources (such as Sempra, CISA, FBI, and others).
Develops engaging content (videos, newsletters, infographics) to promote security best practices and reduce social engineering risks.
Documents problems and reports to management, engineers and/or peers.
Coordinates cybersecurity assessments (such as maturity, risk, and penetration testing).
Proposes and implements innovative ways to establish adequate controls, optimize risk management, and improve continuous monitoring.
Acts as the primary point of contact for awareness-related metrics and reporting to leadership, ensuring visibility into human risk trends and program effectiveness.
Manages issues and corrective action plans identified in risk assessments through closure.
Conducts SOC II reviews and audits.
Ensures team works closely with System Engineers to implement security controls and patches based on capability and need.
Maintains good operational relationships with 3rd party risk assessment managed service providers to perform risk assessments, develop mitigation plans, and ensure appropriate service levels.
Supports the implementation of the governance & risk frameworks, policy creation & management, IT control management, and security audits & assessments.
Requirements
grc
servicenow
archer
cissp
crisc
cybersecurity
2+ years' experience managing Governance, Risk, and Compliance of an organization with a complex Information Technology environment.
Bilingual in Spanish/English is a plus
4+ years' experience in Information Security, Cyber Security, or relevant roles.
Bachelor's Degree in Computer Science, Information Technology, or equivalent relevant work experience.
General knowledge of security software architecture/programming concepts and security integration into SDLC.
Knowledge of adult learning principles and experience leveraging e-learning platforms or gamified training tools
Technical certifications (GRC related e.g. ISACA CRISC)
Understanding of relevant cybersecurity regulations and agencies pertinent to utility environments.
General understanding of cyber security operations functions, in areas such as incident response, security monitoring, threat and vulnerability, SOC and SOC service.
Strong understanding of security contract management and legal requirements.
Personal drive and energy level to achieve superior results individually and through others.
Hands-on experience with enterprise GRC tools (e.g., ServiceNow, Archer).
Standard certifications in Information Security (CISSP, CISM, CISA, or equivalent)
Ability to manage a diverse technical workforce in multiple locations; ability to coach.
Proven experience in cybersecurity awareness program design and delivery, including phishing simulations and behavioral risk reduction strategies
Strong communication and content development skills to engage non-technical audiences effectively
General knowledge of OT network infrastructure, SCADA/DCS systems, data/communication systems, and management systems.
Ability to implement global regulatory requirements surrounding data security & privacy (e.g., GDPR, CCPA, CPRA).
Company
Overview
1,600 MW
Power Generation
Includes over 1,600 MW of power generation capacity, with 1,044 MW from renewable sources in Mexico.
320 MW
Wind Project
Launched the 320 MW Cimarron wind project as part of a 580 MW cross-border renewables complex.
$26B
Company Valuation
Valued at $26 billion after a $1.73 billion stake sale in 2022, financially backed by KKR and ADIA.
Born in 2021 from a merger of Sempra LNG and IEnova, it set out to shape North America’s energy backbone.
It plans & operates major LNG export terminals on both Pacific and Gulf coasts, such as Port Arthur and Energia Costa Azul.
Through its low‑carbon arm it launched the 320 MW Cimarron wind project, bundled into a 580 MW cross‑border renewables complex.
It secures green hydrogen & ammonia development deals, such as the US Gulf/West Coast framework with Avangrid.
Typical projects mix mega‑scale LNG export, pipeline builds, wind farms and low‑carbon facilities under one umbrella.
It stands out by connecting LNG and renewables, pioneering cross‑border energy links and next‑gen clean fuel ventures.
Culture + Values
Do the Right Thing
Champion People
Shape the Future
Safety: They put the health, safety, and security of their workforce, customers, and communities at the center of everything they do.
People and Culture: They care about people and foster a culture that drives high performance.
Customer Focus: Customers choose them because of their focus on meeting customer needs, distinctive and cost-effective offers, proven development capability, and dependability.
Excellence: They commit to excellence, producing high-quality, reliable outcomes to meet stakeholder objectives.
Partnerships: They build long-term relationships and strategic alliances to fulfill their mission.
Capital Efficiency: They prudently manage capital to make informed investments that fulfill their strategic objectives and meet shareholder expectations.
Financial Performance, Risk & Compliance: They create shareholder value by producing sustainable, clear, predictable earnings and strong, risk-adjusted returns on capital.
Technology and Innovation: They embrace innovation and leverage technology aimed at achieving their business goals.
Sustainability: They create sustainable value through world-class safety, championing people, resilient operations, and enabling the energy transition to a lower-carbon future.
Environment + Sustainability
Net‑zero by 2050
Emissions Target
Aim to achieve net-zero emissions across all scopes by 2050.
20% intensity reduction
GHG Target
Targets a 20% reduction in GHG emissions intensity by 2025 compared to 2020 levels.
28% emission drop
2021 Performance
Achieved a 28% reduction in GHG emissions intensity in 2021 compared to the 2020 baseline.
Joined Carbon Neutral Coalition in 2022 to support policy for CCUS enabling net‑zero by 2050