Cybersecurity Operations Center, Senior Specialist

Apply now »

Date: Feb 21, 2025

Location: Rosemead, CA, US, 91770-3714

Company: Southern California Edison

Join the Clean Energy Revolution

Become a Cybersecurity Operations Center, Senior Specialist at Southern California Edison (SCE) and build a better tomorrow. In this job, you’ll perform advanced threat detection, investigation, and response activities to support the 24/7 Cybersecurity Operations Center. This role involves conducting detailed analysis of security alerts, investigating complex security incidents, and providing expert-level triage and response. The Cybersecurity Operations Center, Senior Specialist will also be responsible for collaborating closely with the incident response team, ensuring rapid containment and remediation of cyber threats, and supporting continuous improvement efforts by developing and maintaining detection use cases and response playbooks. Additionally, this role requires staying current on emerging threats and applying advanced cybersecurity expertise to improve the organization's defensive posture. You'll conduct in-depth analysis and triage of security alerts generated by various monitoring tools (e.g., SIEMs, endpoint detection platforms, etc.). Investigate complex incidents, determine the nature and scope of threats, and apply advanced incident response techniques to mitigate risks. Work closely with the incident response team to ensure rapid containment, eradication, and recovery efforts. Collaborate with the incident response and engineering teams to continuously improve detection capabilities. This includes developing and curating detection use cases, refining alert logic to reduce false positives, and ensuring that alerts accurately reflect potential threats. Additionally, document and maintain incident response playbooks, standard operating procedures (SOPs), and response workflows. Provide expert-level advisement and guidance during major cybersecurity incidents. This includes participating in incident debriefs, performing root-cause analysis, and developing post-incident reports to ensure lessons learned are applied to future incident response efforts. Collaborate with other teams to ensure security best practices are followed across the organization. 

Responsibilities

  • Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems
  • Carries out project reporting for assigned projects, monitoring project status, timeline and budgets
  • Assists in the planning and implementation of current and future security domains including those which may introduce new service areas
  • Adopts and follows security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams
  • Monitors technology risk, identifies root cause or key themes, recommends for resolution
  • Investigates suspected attacks and manages security incidents. Uses forensics where appropriate
  • Reviews and shapes the production of evidence to support internal and external audits
  • Implements appropriate security measures for information systems and applications that control access to data, and prevents unauthorized modification, destruction, or disclosure of information
  • Develops and maintains metrics, alerts, dashboards, and reports for security monitoring
  • Maintains incident response plans and performs incident response activities as directed and in accordance with established procedures and guidelines and those of federal authorities
  • A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

Minimum Qualifications

  • Five or more years of experience in information technology, information security and/or cybersecurity.
  • US Citizenship Required.

 

Preferred Qualifications

  • Strong written and verbal communication skills  
  • Cybersecurity Certifications: CISSP, or GISF, or GSEC 
  • Experience colloaborating in a team enviroment 
  • 2 or more years of experience working with triage cyber security alerts

 

 

Additional Information 

  • This position’s work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.  Unless otherwise noted, employees are required to work and reside in the state of California.  Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

  • Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

  • Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more! 

 

About Southern California Edison

The people at SCE don't just keep the lights on. Our mission is so much bigger. We’re fueling the kind of innovation that’s changing an entire industry, and quite possibly the planet. Join us and create a future with cleaner energy, while providing our customers with the safety and reliability they demand. At SCE, you’ll have a chance to grow personally and professionally, making a real impact in Southern California and around the world.

 

At SCE, we celebrate our differences. We are a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.

 

We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at (833) 343-0727.