Cybersecurity Awareness Advisor Edison International
Rosemead, CA

Job Description

ENERGY FOR WHAT'S AHEAD

Are you looking to make a difference in your career? We're working on smarter grids, cleaner energy and tools to help people manage energy more efficiently.

About IT

The role of IT goes beyond the traditional Information Technology "service provider." Many of the innovative ideas and projects that shape the company's future and move SCE forward are dependent on technology. IT employees are at the heart of these projects, collaborating, designing and executing technology solutions that are transforming our industry.

Position Overview

The Cybersecurity Awareness Advisor resides in the Cybersecurity & IT Compliance Department within Southern California Edison's (SCE) Information Technology Organizational Unit. He/she will advise within the following functions as the NERC CIP Security Awareness (SAW) Program Manager. The Program Manager represents the Program Owner in the execution of the day-to-day activities of the Program. The Program Manager ensures efficiency in the operations on behalf of the Program Owner and escalates issues and/or areas of concern to the Program Owner. He/ She manages the overall Program and provides direction and guidance to the Process Owners and other personnel working within the program. The Program Manager ensures Program compliance to the NERC CIP SAW standards. In the role of the SAW Program Manager, the Cybersecurity Awareness Advisor works closely with the Manager of IT NERC CIP Programs.

The Cybersecurity Awareness Advisor will also work with the Cybersecurity Awareness Team to ensure the effective implementation of Phishing consequences and drive compliance with mandatory Cybersecurity training enterprise-wide.

Areas of Responsibilities:

* NERC CIP Security Awareness Program Manager
* Compliance evidence - periodically reviews all compliance evidence for accuracy and completeness; ensures all evidence is stored effectively in standard repository
* Change board/change process - assesses and presents proposed changes for compliance implications ensuring/tracking completion of required compliance activities.
* Recurring compliance activities - oversees, tracks, reports status on recurring compliance activities. Develops and updates SAW documentation.
* Supports (on behalf of Cybersecurity & IT Compliance) the Security Awareness Program (SAW) and other Cybersecurity & IT Compliance-impacting programs as needed (Subject Matter Expertise for Cyber Security Training (CST) Program).
* Issues case management - coordinates WECC submissions and data requests related to assigned noncompliance issues, assists in development of remediation plans and document for submission to WECC, coordinates/oversees/tracks/reports status of remediation activities, closes out issues with Ethics & Compliance, LAW, and WECC, coordinates with the team for initial submission of potential noncompliance issues to begin corporate process with Ethics & Compliance/LAW/registered entities/executives.
* Be a focal point for compliance questions and legal interpretations (coordinating with the team and LAW).
* Collaborates with various OUs (e.g. Corporate Security, Transmission & Distribution, Energy Procurement & Management) and NERC CIP Programs (e.g. Access Management and Revocation (AMR), BCS Identification and Categorization (BCS), Management Controls Program (MCP), to improve and implement SAW procedures and processes.
* Coordinates subject matter expertise for NERC CIP training as requested.
* Cybersecurity Awareness
* Ensures effective implementation of Phishing Consequences enterprise-wide in collaboration with Cybersecurity leadership, HR, Law, Ethics & Compliance, Labor Relations and other OUs as needed.
* Advises and collaborates with the Cybersecurity Awareness Team on phishing simulation development and implementation.
* Advises on role-based strategy implementation for phishing simulations and associated training.
* Assists in the development and implementation of the strategies, processes, procedures, and metrics for the Cybersecurity Awareness Program.
* Collaborates with HR Employee Learning & Development and OU contacts to facilitate enrollment and ensure mandatory Cybersecurity training is completed by employees and supplemental workers in a timely manner enterprise-wide.
* Cybersecurity Outreach & Operations Support
* Provides project support as needed to Cybersecurity leadership; including support of the General Rate Case (GRC).
* Supports the Cybersecurity & IT Compliance GRC lead with data requests from the CPUC and advising on testimony.
* Supports Cybersecurity & IT Compliance Incident Management Team (IMT) activities.
* Recommends, interprets, improves, implements, and/or executes organization and internal business operation policies and procedures.

Minimum Qualifications

* Bachelor's degree.
* Seven (7) years' performing cybersecurity, information governance, compliance and/or risk management roles.
* Familiarity with NERC CIP Security Awareness compliance requirements.
* Experience with project management, process improvement, and cross functional teams.
* Demonstrated knowledge of information security policies, standards, and/or governance controls in complex computing environments.
* Ability to work independently and on multiple, high-priority efforts effectively and in a timely fashion.
* Highly proficient and experienced with Microsoft Office Suite applications.

Desired Qualifications

* Experience with implementing NERC CIP Security Awareness compliance requirements.
* Experience with the SCE General Rate Case (GRC) processes and research requirements.
* Ability to generate status and metric reports as needed.
* Familiarity with Phishing tools and processes including metric collection and reporting
* Experience working across multiple lines of business to implement training plans and track organizational progress, development, metrics.

Comments

* Candidates for this position must be legally authorized to work directly as employees for any employer in the United States without visa sponsorship.
* Relocation does not apply to this position.

Southern California Edison, an Edison International (NYSE:EIX) company, serves a population of approximately 15 million via 5 million customer accounts in a 50,000-square-mile service area within Central, Coastal and Southern California. Join the utility leader that is safely delivering reliable, affordable electricity to our customers for over 125 years.

SCE is a proud Equal Opportunity Employer and will not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other protected status.

#L1-WT1