Manager, Cybersecurity

Requisition ID # 157847 

Job Category: Information Technology 

Job Level: Manager/Principal

Business Unit: Information Technology

Work Type: Hybrid

Job Location: Rocklin

Department Overview

The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. The Cybersecurity team consists of security professionals in their chosen disciplines working together, to review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks. The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesize current legal, regulatory, and operating mandates with PG&E’s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E’s LOBs make informed decisions about where to invest their resources.

Position Summary

Deliver cybersecurity functions to effectively ensure the safe and reliable operation of PG&E Information Technology & Operational Technology systems. These services are delivered through team leadership in one or more of the following major functional areas: Technology Risk and Strategy; Policy, Compliance, and Awareness; Business Continuity and Disaster Recovery; Assessment and Verification; Threat and Vulnerability Management; Business (Front Office) Operations; Identity and Access Management; Security Infrastructure Operations; Controls, Metrics & Reporting; and Security Project Delivery. Accountable for the successful development & execution of overall Cybersecurity department strategic plans in alignment with company strategic vision & goals.

PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity.

A reasonable salary range is:

California Minimum: $143,000

California Maximum: $244,000

Job Responsibilities

• Acts as a subject matter expert in area of field and applies extensive knowledge of concepts, principles, and practices.
• Manages department budget.
• Collaborates with team or leaders to work on issues, projects or activities.
• Presents findings and makes recommendations to officers and high level leaders.
• Develops effective metrics to track, report on and improve overall department performance.
• Develops and implements work plans in support of department goals and develop employee accountability.
• Sets department goals in support of established objectives.
• Coordinates the gate reviews of projects that support our client organizations as well as IT operations and security projects.
• Develops and implements programs including leading coordination and facilitation of program review sessions to review costs, schedule and program effectiveness.
• Manages the integration of vendor tasks and track and review vendor deliverables.

Qualifications

Minimum:

• Bachelors Degree in Computer Science or job-related discipline or equivalent experience
• Experience in IT-Information Technology security, multi-platform, or related
• 6 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience
• 3 years Leadership experience
• CISSP-Certified Information Systems Security Professional certification

Desired:

• Masters Degree in Computer Science or equivalent experience
• Utility industry experience
• Leadership experience or related
• CIP-Critical Infrastructure Protection certification
• CISM-Certified Information Security Manager certification
• CRISC-Certified in Risk and Information Systems Control certification