FIND_THE_RIGHTJOB.
Senior Cybersecurity Analyst - Security Operations Center (Operations Technology)
JOB_REQUIREMENTS
Hires in
Not specified
Employment Type
Not specified
Company Location
Not specified
Salary
Not specified
Primary Purpose
The Sr. Cybersecurity Specialist – OT design and implement systems and processes of Sempra's security functions across operational technologies (OT), ensuring the 24/7 protection of Sempra's assets and data against the dynamically changing threat landscape. The Sr. Specialist –OT is responsible for the design and implementation of security across OT solutions to ensure Sempra's endpoints, servers, networks, and databases are always protected. This position coordinates with lines of business and development teams to ensure security controls are in place from design through deployment. This position works closely with cyber operations to ensure operational technologies are incorporated in functions, such as security monitoring, threat and vulnerability, and incident response.
Duties and Responsibilities
Delivery & Execution
Standards Setting:
Provides incident response plans and procedures for foreseeable incidents and continuously update the incident response playbook in line with emerging threats and leading industry standards
Develops and maintains incident response, threat and vulnerability, and security monitoring documentation
Oversees and leads Cybersecurity Specialists – OT, ensuring the specialists follow incident handling procedures and processes.
Project Delivery:
Drives the planning, execution, and management of multi-faceted projects related to Cyber security operations center
Responsible for the design and implementation of activities related to security monitoring and incident response
Oversee OT Specialist participation and ensure OT Specialist provide quality technical and procedural documents.
Compliance:
Implements OT security operations in accordance with industry standards and practices (i.e. NIST SP 800-82 AND ISO/IEC 62443)
Responsible for ensuring assigned projects and activities within the functional areas meet all compliance and architecture standards
Ensures proper oversight for solutions and artifacts
Ensures re-use through implementation of shared technology assets
Value Delivery, Strategy, and Planning
Functional Area Strategy
Coordinates activities of incident response, threat and vulnerability analysis, and security monitoring for operational technologies to ensure timely detection, prevention, and response to security incidents
Coordinates the implementation of requirements and recommendations to OT / critical infrastructure
Researches SCADA vendors and CISA advisory documents
Works with all business lines to ensure that incidents are quickly identified and remediated and to define recommended threat mitigation actions
Participates in business continuity plans in business lines
Maintains alignment with IT governance/risk objectives in solution delivery
Drives quick escalation and resolution during major incidents; prioritizes actions to ensure maximum protection of company assets and data
Provides detailed explanations of security events and their impact on specific parts of the business
Train OT Specialists and IT personnel to improve cross-training.
Emerging Technology
Incorporates areas of IT and OT convergence; works closely with IT to secure technologies
Drives continuous improvement across OT Incident response, threat and vulnerability, and security monitoring functions; ensures functions remain up to date with the current threat landscape
Drives innovation and identifies emerging technologies to sustain and automate the cyber security operations
Drives tabletop exercises with playbooks and pertest
Reviews of OT architectures for OT security improvements
Collaboration
Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as “one team”
Drives the relationship and communications to across business lines to ensure security is embedded within solutions
Performs other duties as assigned (no more than 5% of duties)
Qualifications
Education:
Bachelor's Degree In Computer Science, Information Technology, or equivalent relevant work experience.
Master's Degree is a plus
Experience
5+ years’ Experience in Information Security, Cyber Security, or relevant roles
3+ years Managing the security monitoring, threat and vulnerability, and/or incident response functions of an organization with a complex Information Technology environment
Knowledge, Skills, and Abilities
Technical Skills
Strong technical understanding of OT security monitoring, threat and vulnerability, and incident response processes, procedures, guidelines, and solutions
Knowledge of OT network infrastructure, SCADA/DCS systems, data/communication systems, management systems, and security/compliance
Understanding of relevant cybersecurity regulations and best practices, pertinent to utility environments (such as NIST SP 800-53/82, NERC CIP, NEI 08-09, ISA 99, NIST CSF and C2M2)
Deep understanding of operating systems, programming, networking, malware defenses, perimeter controls, security assessment, web applications, intrusion analysis, malware analysis and incident response
Understanding in network design, configuration, and maintenance with various hardware manufacturers; understanding Programmable Logic Controllers (PLC) / Distributed control Systems (DCS), server virtual machines and industrial network architectures and how to effectively support securing these technologies
Proficiency in cyber kill chain framework
Understands information security as it relates to the business and other areas of IT; understands direct impacts and risks to the business
Strong multi-tasking capabilities, exceptional skills to adjust to multiple demands, shifting priorities, ambiguity and rapid change as well as dealing efficient deal with escalations and difficult situations/people under pressure e.g. to restore services
An overall understanding of the business objectives of service lines and Core Business Services departments
People Leadership
Demonstrated skills to collaborate across a diverse technical workforce in multiple locations, overseeing a full range of technology platforms and solutions as well as vendor personnel
Ability to lead, manage and coach staff; personal drive and energy level to achieve superior results individually and through others
Excellent communication stills and ability to convey technical concepts to a non-technical audience
Cross Functional Collaboration
Ability to participate in co-operative working relationships including knowledge sharing and partnership in achieving solutions within and across business or operational functions
Preferred Qualifications
Professional certifications in Information Security (CISSP, CISM, CISA).
Bilingual in English and Spanish.
Licenses and Certifications
Professional certifications in Information Security (CISSP, CISM, CISA)
Technical certifications (operations i.e. GCIA, GCIH, CEH, SSCP)
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
The Sr. Cybersecurity Specialist – OT design and implement systems and processes of Sempra's security functions across operational technologies (OT), ensuring the 24/7 protection of Sempra's assets and data against the dynamically changing threat landscape. The Sr. Specialist –OT is responsible for the design and implementation of security across OT solutions to ensure Sempra's endpoints, servers, networks, and databases are always protected. This position coordinates with lines of business and development teams to ensure security controls are in place from design through deployment. This position works closely with cyber operations to ensure operational technologies are incorporated in functions, such as security monitoring, threat and vulnerability, and incident response.
Duties and Responsibilities
Delivery & Execution
Standards Setting:
Provides incident response plans and procedures for foreseeable incidents and continuously update the incident response playbook in line with emerging threats and leading industry standards
Develops and maintains incident response, threat and vulnerability, and security monitoring documentation
Oversees and leads Cybersecurity Specialists – OT, ensuring the specialists follow incident handling procedures and processes.
Project Delivery:
Drives the planning, execution, and management of multi-faceted projects related to Cyber security operations center
Responsible for the design and implementation of activities related to security monitoring and incident response
Oversee OT Specialist participation and ensure OT Specialist provide quality technical and procedural documents.
Compliance:
Implements OT security operations in accordance with industry standards and practices (i.e. NIST SP 800-82 AND ISO/IEC 62443)
Responsible for ensuring assigned projects and activities within the functional areas meet all compliance and architecture standards
Ensures proper oversight for solutions and artifacts
Ensures re-use through implementation of shared technology assets
Value Delivery, Strategy, and Planning
Functional Area Strategy
Coordinates activities of incident response, threat and vulnerability analysis, and security monitoring for operational technologies to ensure timely detection, prevention, and response to security incidents
Coordinates the implementation of requirements and recommendations to OT / critical infrastructure
Researches SCADA vendors and CISA advisory documents
Works with all business lines to ensure that incidents are quickly identified and remediated and to define recommended threat mitigation actions
Participates in business continuity plans in business lines
Maintains alignment with IT governance/risk objectives in solution delivery
Drives quick escalation and resolution during major incidents; prioritizes actions to ensure maximum protection of company assets and data
Provides detailed explanations of security events and their impact on specific parts of the business
Train OT Specialists and IT personnel to improve cross-training.
Emerging Technology
Incorporates areas of IT and OT convergence; works closely with IT to secure technologies
Drives continuous improvement across OT Incident response, threat and vulnerability, and security monitoring functions; ensures functions remain up to date with the current threat landscape
Drives innovation and identifies emerging technologies to sustain and automate the cyber security operations
Drives tabletop exercises with playbooks and pertest
Reviews of OT architectures for OT security improvements
Collaboration
Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as “one team”
Drives the relationship and communications to across business lines to ensure security is embedded within solutions
Performs other duties as assigned (no more than 5% of duties)
Qualifications
Education:
Bachelor's Degree In Computer Science, Information Technology, or equivalent relevant work experience.
Master's Degree is a plus
Experience
5+ years’ Experience in Information Security, Cyber Security, or relevant roles
3+ years Managing the security monitoring, threat and vulnerability, and/or incident response functions of an organization with a complex Information Technology environment
Knowledge, Skills, and Abilities
Technical Skills
Strong technical understanding of OT security monitoring, threat and vulnerability, and incident response processes, procedures, guidelines, and solutions
Knowledge of OT network infrastructure, SCADA/DCS systems, data/communication systems, management systems, and security/compliance
Understanding of relevant cybersecurity regulations and best practices, pertinent to utility environments (such as NIST SP 800-53/82, NERC CIP, NEI 08-09, ISA 99, NIST CSF and C2M2)
Deep understanding of operating systems, programming, networking, malware defenses, perimeter controls, security assessment, web applications, intrusion analysis, malware analysis and incident response
Understanding in network design, configuration, and maintenance with various hardware manufacturers; understanding Programmable Logic Controllers (PLC) / Distributed control Systems (DCS), server virtual machines and industrial network architectures and how to effectively support securing these technologies
Proficiency in cyber kill chain framework
Understands information security as it relates to the business and other areas of IT; understands direct impacts and risks to the business
Strong multi-tasking capabilities, exceptional skills to adjust to multiple demands, shifting priorities, ambiguity and rapid change as well as dealing efficient deal with escalations and difficult situations/people under pressure e.g. to restore services
An overall understanding of the business objectives of service lines and Core Business Services departments
People Leadership
Demonstrated skills to collaborate across a diverse technical workforce in multiple locations, overseeing a full range of technology platforms and solutions as well as vendor personnel
Ability to lead, manage and coach staff; personal drive and energy level to achieve superior results individually and through others
Excellent communication stills and ability to convey technical concepts to a non-technical audience
Cross Functional Collaboration
Ability to participate in co-operative working relationships including knowledge sharing and partnership in achieving solutions within and across business or operational functions
Preferred Qualifications
Professional certifications in Information Security (CISSP, CISM, CISA).
Bilingual in English and Spanish.
Licenses and Certifications
Professional certifications in Information Security (CISSP, CISM, CISA)
Technical certifications (operations i.e. GCIA, GCIH, CEH, SSCP)
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Similar jobs
Senior SOC Analyst
PCCW Global
Manilla, United States
4 days ago
Principal Industrial Security Analyst
Northrop Grumman
Melbourne, United States
4 days ago
Journeyman Digital Forensic Analyst
Peraton
Arlington, United States
4 days ago
Global Phishing Drill Service Senior Analyst
Deloitte
Hermitage, United States
4 days ago
Cybersecurity Analyst - Governance, Risk, and Compliance (GRC)
Sempra Infrastructure
Houston, United States
4 days ago
Cybersecurity Analyst
Massachusetts Bay Transportation Authority
Boston, United States
4 days ago
CSOC Analyst- Full Time
Tanger
Greensboro, United States
4 days ago
© 2025 Qureos. All rights reserved.