Job Title: Cyber Incident Specialist, Principal
Job Location: San Francisco, CA
Job Type: Staff
Job Description
The Enterprise Technology Risk Management (ETRM) function is responsible for IT security
across the organization as well as the related implementation of appropriate controls for
regulations such as SOX, HIPAA, CA1386 and NERC/CIP. The function has direct responsibility
for establishing IT Security standards, toolsets and processes and then matrixing them to the
delivery, operation and maintenance areas across PG&E. The Threat & Incident Management
group is responsible for ensuring that PG&E proactively identifies and assesses threats to its
network and data, investigates intrusions and other relevant events, and has a sophisticated and
detailed understanding of the evolving threat landscape.
The Cyber Incident Specialist, Principal will build out and manage the Incident Response program,
providing leadership, support, guidance and mentoring to the Incident Response team. The
Incident Response program includes cyber incident response, digital forensics and eDiscovery
services provided to the entire company. The ideal candidate will possess extensive experience in
the area of incident response supplemented by expertise in digital forensic investigations and the
evidentiary process, ideally honed in a corporate environment. In addition to strong judgement and
discretion, he/she will possess exceptional communication and presentation skills.
Requirements
Required:
- Bachelor's Degree, or equivalent work experience
- CISSP or EnCE or ACE or CCE or related Degree
Highly Desired:
- CFE, GREM
- Other certifications considered desirable include ECSAP, EnCE, GCFA Security, SANS certificates.
- A minimum of 10 years in cyber incident response or digital forensic experience; may be substituted for other more specialized experience such as malware reverse engineering and application programming experience.
- Politically astute; persuasive and credible at senior levels
- Strong case management and forensic procedural skills
- Previous experience with Guidance EnCase and other digital investigations tools
- Deep technical skills including malware reverse engineering, scripting and other relevant technical security skills
Responsibilities
- Serves as the ultimate subject matter expert on cyber incident response within the company
- Leads PG&E’s response activities to cyber incidents in concert with the IT department and affected lines of business.
- Utilizes digital forensic tools including Guidance EnCase to lead digital investigations and perform incident response activities.
- Understands how threat actors execute cyber-attacks and has the ability to search for and find evidence of those attacks
- Conducts investigations of computer based events and other security issues.
- Establishes links between suspects and other violators by piecing together evidence uncovered from a variety of sources.
- Analyzes and evaluates investigative progress to reassess priorities, leads and direction.
- Maintains a liaison with the organization's Law Department and Corporate Security
- Prepares clear, comprehensive and cohesive investigative reports based on established procedures.
- Detects and assesses threats to the infrastructure.
- Establishes and maintains defensible evidentiary process for all investigations
- Uses and maximizes relevant investigative tools, software and hardware
- Coordinates with IT to leverage skills and resources in support of investigations
- Contributes to Information Security investigation best practices
- Advances the practice and science of information security investigation
Pacific Gas and Electric Company is an AA/EEO employer that actively pursues and hires a diverse workforce.
Contact Information:
Christopher Lee
Pacific Gas and Electric Company
San Francisco, CA
415-852.0162
www.pge.com/careers | Requisition Number: 50576605