Staff System Engineer

Description

• Coordinates enterprise security policies and communications, gathers business participants input, implements changes to policies, and advises the business on policy changes
• Monitors the configuration of company-wide applications to verify they meet the standards required by the information security program
• Completes the preparation of risk assessments that are performed for new critical technologies, applications, or devices that are implemented, revised, and installed
• Fulfills security goals, scenarios, and selects cases to develop acceptable parameters of security risks or guardrails. Recommends changes to processes, software, systems, and platforms based upon security risk
• Researches, implements, and maintains an information security framework through ongoing compliance monitoring of the framework
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.
• Monitors that security risk management practices are embedded into key business processes, enables security risk reduction by working collaboratively with business partners and security programs to identify, prioritize, and mitigate security risks
• Reviews system logs and real time alerts for infrastructure to identify trends, investigate abnormalities, and report exceptions to the information security program
• Supports, installs and maintains security tools and systems, and tracks security patches and incidents
• Updates the information security program and corresponding cybersecurity policies, procedures, and controls annually based on regulatory changes, feedback from the information security committee, and the results of audits and assessments
• Monitors the IT related accepted risks for adding, updating, and removing accepted risks based on changes in technology and vulnerabilities

Requirements

• Proficiency with Docker and Kubernetes ecosystem tools
• This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.
• Five or more years of experience with CI/CD pipelines and infrastructure as code.
• Seven or more years of experience in information technology, information security and/or cybersecurity.
• Experience with networking protocols and services (TCP/IP, DNS, firewalls, etc.).
• Experience with automation tools (Terraform, Ansible) and scripting (Bash, Python).
• Strong understanding of networking, storage, and security in containerized environments.
• Three or more years of experience in Kubernetes cluster administration and container orchestration.
• Position will require up to 20% traveling and being out in the field throughout the SCE service territory.
• One or more years of AI experience using LLM models
• Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
• Experience with security hardening and compliance frameworks (e.g., CIS benchmarks, NIST).

Benefits

• This position’s work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.  Unless otherwise noted, employees are required to work and reside in the state of California.  Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

Training + Development

Interview process

Visa Sponsorship

Security clearance