Enterprise Cybersecurity Strategist- California (Hybrid), Colorado (Remote)

Join the Clean Energy Revolution

Become an Enterprise Cybersecurity Strategist at Southern California Edison (SCE) and build a better tomorrow. In this role, you will lead and enhance our security posture across the SCE enterprise.

The Enterprise Cybersecurity Strategist will need to have in-depth knowledge of multiple security disciplines. The candidate should have experience in several of the following areas: Operational Technology (OT), Application Security, Identity Security, Data Security, and general cybersecurity architecture practices. This role requires a strategic thinker who can develop and implement robust security frameworks, align security initiatives with business objectives, and provide expert guidance on emerging threats and risk mitigation strategies.

Focus areas for this position include in-depth experience in at least two of the following areas:

Operational Technology (OT) Security:

• Develop and enforce security policies for industrial control systems (ICS) and SCADA environments.

• Collaborate with engineering and operations teams to ensure compliance with cybersecurity regulations (e.g., NIST 800-82, IEC 62443).

Application Security:

• Define and implement secure software development lifecycle (SDLC) practices.

• Assess and enhance application security measures, including vulnerability management and threat modeling.

• Experience with DevSecOps and designing security integrations into CI/CD pipelines.

Identity Security:

• Design and oversee identity and access management (IAM) strategies, including zero-trust architecture.

• Ensure the cohesive design and provide technical strategy of privileged access management (PAM) and multi-factor authentication (MFA) solutions and other existing and emerging identity technologies.

Data Security:

• Develop and enforce data classification, encryption, and loss prevention strategies.

• Implement security measures to protect sensitive data at rest, in transit, and in use.

• Ensure designs align with compliance with data protection regulations (e.g., GDPR, CCPA, HIPAA).

Cybersecurity Architecture:

• Design and implement enterprise security architecture aligned with industry best practices and frameworks. (SABSA, TOGAF, and Zero Trust).

• Conduct security assessments to identify and mitigate architectural vulnerabilities.

• Lead security initiatives related to cloud, network, and endpoint security.

As an Enterprise Cybersecurity Strategist, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?

Responsibilities

• Drives endpoint security across the organization ensuring that Enterprise and Platform infrastructure is secure, protecting SCE's employees and customers
• Participates in determination of security requirements, evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture and platform; identifying integration issues; and preparing cost estimates
• Facilitates planning security systems by evaluating network and security technologies, developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs) adhering to industry standards
• Leads implementation of security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation
• Monitors and ensures compliance to standards, policies, and procedures through conducting incident response analyses, and participating in training programs
• Prepares system security reports by collecting, analyzing, and summarizing data and trends
• Performs risk assessments and threat modeling exercises to identify risks in home-grown and third-party services and applications
• Creates security tooling to secure corporate infrastructure and development environments
• Documents processes for and provides support of the Enterprise Security Architecture
• Provides guidance on the data security processes including encryption, privacy management, data classification and assigning certain security levels based on classification
• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

Minimum Qualifications

• Ten or more years of experience in information technology, information security and/or cybersecurity.
• US Citizenship Required

Preferred Qualifications

• Bachelor's Degree in Computer Science, Information Systems, Engineering, or related discipline.
• Ten or more years of experience working in large system design, program development, and/or security frameworks (NIST, Purdue Model, MITRE ATT&CK).
• Possess one or more of the following Information Security certifications: CISSP, CISSA, CISM, GSEC, CRISC or other related certifications.
• Experience with SCADA or Real-Time System Security expertise.
• Experience with integrating NIST 800-82 control systems standards into existing Cybersecurity standards.
• Experience designing and/or implementing security controls in controls systems networks as well as IT networks.

Additional Information

• In California: This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to work and reside in the state of California. Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.
• In Colorado: The position's work mode is remote. Employee is able to work primarily at home or remote however, the employee may be expected to come to an SCE facility on occasion. Unless otherwise noted, employees are required to work and reside in the state of California. Hiring organizations can add further requirements related to specific jobs. Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!
• Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
• This position has been identified as a NERC/CIP impacted position - Prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un-escorted access to assigned work location and performing necessary job duties.
• US Citizenship required as part of Critical Infrastructure security protocols.
• Relocation may apply to this position.

Benefits

• Medical, Dental, Vision Plans
• Retirement & Investing (401K with Company Match and Automatic company contributions)
• Disability and Life Insurance
• Paid Time Off (Vacation, Holidays, Sick Leave)
• Educational Reimbursement
• Rideshare Program
• Wellness Program
• EAP (Employee Assistance Program)

Posting Dates/Application Window:

4/16/25-5/16/25

About Southern California Edison

The people at SCE don't just keep the lights on. Our mission is so much bigger. We're fueling the kind of innovation that's changing an entire industry, and quite possibly the planet. Join us and create a future with cleaner energy, while providing our customers with the safety and reliability they demand. At SCE, you'll have a chance to grow personally and professionally, making a real impact in Southern California and around the world.

At SCE, we celebrate our differences. We are a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.

We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at (833) 343-0727.