We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Get Into Energy Jobs

Jobs in
Nuclear Energy
Jobs in
Natural Gas Energy
Jobs in
Renewable Energy
Jobs in
Electric Power
Business Careers
in Energy
Jobs in Nuclear Energy
Jobs in Natural Gas Energy
Jobs in Renewable Energy
Jobs in Electric Power
Business Careers in Energy
Home View All Jobs (9,288)

Job Information

PG&E Expert OT Cyber Incident Responder in Concord, California

Expert OT Cyber Incident Responder

Location: Concord, California

Requisition ID # 157239-en_US

Save Job I'm Interested

Our IT professionals are at the enterprise's core, leveraging modern technology to deliver safe and reliable energy to our customers. We use AI, the cloud, data science, and the latest tools and programming languages to solve hard, interesting problems and tackle challenges like the ever-growing threat of climate change, wildfires, and breaches of cyber security. Join us and experience the satisfaction of being a technology enabler for a company that leads the industry in innovation.

  • Entry, Mid, Senior, Executive

  • Full-Time

Success Profile

What makes a successful Team Member at PG&E? Check out the top traits we’re looking for and see if you have the right mix.

  • Adaptable

  • Collaborative

  • Creative

  • Curious

  • Results-driven

  • Thoughtful

Benefits

PG&E is proud to provide a comprehensive benefits program to help you take care of your physical, emotional and financial health. In addition to the offerings below, you can expect inclusive programs in areas such as performance recognition, training and employee development, mentoring and more.

Paid Time Off

Vacation, Sick Hours, Holidays, Family Leave

Employee Resource Groups

16 ERGs at the core of our DEIB culture that support employee development and foster business relationships

Professional Development

Leadership and Employee Development Courses, LinkedIn Learning, Mentoring Program and up to $8,000 for Tuition Reimbursement

Healthcare

Low-Cost Medical, Dental, Life/Accident/Disability Insurance and Free Vision

Healthcare & Dependent Care FSA

Pre-tax employee-funded accounts that cover certain out-of-pocket medical and dependent care expenses

Retirement Plans

401(k) Matching up to 8% AND Cash Balance Pension (no Cost to you)

Job Details

Requisition ID # 157239

Job Category: Information Technology

Job Level: Individual Contributor

Business Unit: Information Technology

Work Type: Hybrid

Job Location: Concord

Department Overview

The Cybersecurity function is led by PG&E’s Senior VP and Chief Information Officer and is responsible for cybersecurity and risk management across the organization.

The Security Intelligence and Operations Center (SIOC) is responsible for ensuring that PG&E proactively identifies and assesses threats to its user and operational network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape.

Position Summary

The Expert OT Cyber Incident Responder will be curious and knowledgeable regarding cyber security standards and technologies, specifically focused on infrastructure within an industrial control system (ICS) environment, able to work independently or with appropriate stakeholders as needed. You will provide the opportunity to focus on threat identification, proactive threat hunting, incident response, and cyber threat intelligence fusion. You will be part of a highly collaborative, dynamic, responsive, and agile team providing incident response and cyber defense services to IT & OT infrastructure.

You will primarily be responsible for system-based defense to support forensic analysis of compromised devices, endpoint log analysis, development, delivery, and enforcement of response and remediation activities across the organization. You will also be responsible for development of advanced mitigations to ensure defensive resiliency. Daily activities will include collection and analysis of potentially compromised systems, malware analysis, root cause analysis, and remediation efforts. In this role, you will work multi-functionally in a diverse teaming environment with various internal points of contacts and handoffs.

The role is hybrid and is expected to be in-person at least one day per week in the SIOC in Concord, CA.

PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed between the entry point and the middle of the range, the decision will be made on a case-by-case basis related to these factors.​ This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.

A reasonable salary range is:​

Bay Area Minimum: $136,000

Bay Area Maximum: $232,000

Job Responsibilities

  • Maintain knowledge of adversary activities, including intrusion tactics, attack techniques and operational procedures.

  • Investigate and respond to potential cybersecurity incidents

  • Analysis of security event logs from a variety of sources

  • Forensic analysis of potential evidence

  • Static and dynamic malware analysis

  • Network packet capture analysis

  • Lead incident response efforts, coordinating resources as needed

  • Documentation of analysis, including summarization for executive review

  • Perform proactive threat hunting

  • Work cross-functionally to recommend, facilitate, and test security control improvements

  • Create and refine security operations workflows for new and existing tools

  • Provide guidance to junior analysts

  • Share on-call responsibility outside of business hours, onsite and remote

Qualifications

Minimum:

  • High School or GED-General Educational Development-GED Diploma

  • 6 years’ experience in IT-Information Technology security, including working in Security Operations Centers

Desired:

  • Bachelor’s Degree in Computer Science or job-related discipline or equivalent experience

  • Previous experience supporting cyber defense analysis of Operational Technology (OT) Networks, including Integrated Controls Systems (ICS), SCADA, and Process Control Networks (PCN).

  • Formal IT Security/Network Certification, such as WCNA, CompTIA Security +, Cisco CCNA, GIAC GCIH, GMON, GCFA, GCFE, GREM, GICSP, GRID, or other relevant certifications

  • Utility Industry experience

  • Experience with compliance standards: NERC-CIP, SOX, TSA

  • Previous experience working with various SIEM, EDR, and digital forensic technologies

  • Experience with scripting in Python, PowerShell

  • Malware reverse engineering skills

DirectEmployers