Job Description
Join the Clean Energy Revolution Become a Cybersecurity Vulnerability Management Data Senior Specialist at Southern California Edison (SCE) and build a better tomorrow. In this job, you will apply your engineering and data analysis skills to find, prioritize, and drive remediation of security vulnerabilities across our infrastructure and applications. You’ll serve as a trusted partner to our Vulnerability Management, Risk Management, and Remediation Governance teams. If you’re passionate about working with large data sets, prioritizing security findings, maturing risk-based remediation processes, and building dashboards and reports for executive visibility, we’d love to have you on our team! In this role you will: Manage a Unified Vulnerability Management and Security Remediation platform, analyze vulnerability and risk data, validate vulnerability detection coverage, identify visibility gaps, and support continuous improvement efforts across our program. Work with vulnerability data collected from a number of different tools to develop, maintain, and optimize risk-based vulnerability logic and analytics to aggregate, normalize, and prioritize security findings. Gather requirements from stakeholders and help tune our scanners to reduce noise, manage exclusions, and validate findings through cross-correlation of data between tools. Bring your strong vulnerability management and data analysis skills to solve complex problems at enterprise scale, write and quickly digest technical architecture and engineering documentation, and contribute to architecture diagrams and SOPs. To ensure compliance and security policy alignment with industry standards and best practices, you’ll also work with partner teams to plan upgrades and make formal process improvement recommendations. As a Cybersecurity Vulnerability Management Data Senior Specialist , your work will help power our planet, reduce carbon emissions, and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future? Responsibilities Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems. Carries out project reporting for assigned projects, monitoring project status, timeline and budgets. Assists in the planning and implementation of current and future security domains including those which may introduce new service areas. Adopts and follows security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams. Monitors technology risk, identifies root cause or key themes, recommends for resolution. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate. Reviews and shapes the production of evidence to support internal and external audits. Implements appropriate security measures for information systems and applications that control access to data, and prevents unauthorized modification, destruction, or disclosure of information. Develops and maintains metrics, alerts, dashboards, and reports for security monitoring. Maintains incident response plans and performs incident response activities as directed and in accordance with established procedures and guidelines and those of federal authorities. A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity. Minimum Qualifications Five or more years of experience in information technology, information security and/or cybersecurity. US Citizenship Required. Preferred Qualifications Three or more years of experience working with Vulnerability Management tools and platforms. Advanced experience working with a Unified Vulnerability Management and Security Remediation platform such as Wiz, ServiceNow Vulnerability Response, or Brinqa. Understanding vulnerability management data and the ability to extract actionable insights. Proficiency with basic scripting and automation techniques. Strong understanding of data normalization, correlation, and deduplication. Experience collaborating in a team environment. Certifications from IT and Cybersecurity industry leaders. Experience integrating vulnerability management tools with CMDB, ti