Cybersecurity Engineering, Risk & Governance Senior Advisor

Join the Clean Energy Revolution Become a Cybersecurity Engineering, Risk & Governance Senior Advisor at Southern California Edison (SCE) and build a better tomorrow. In this job, you’ll lead high-impact cybersecurity initiatives that strengthen SCE’s ability to protect critical infrastructure, customer information, and business operations. The role partners across cybersecurity, infrastructure, application, OT/ICS, compliance, risk, audit, operations, and third‑party teams to ensure cyber requirements are not treated as after‑the‑fact controls, but are embedded into architecture, delivery, and operational decision‑making. Key Responsibilities Consulting on cybersecurity risk assessments across enterprise technology and IT/OT environments, identifying priority systems, credible threat scenarios, control gaps, and practical remediation paths. Translating business, regulatory, and technical risk into clear treatment plans with accountable owners, timelines, measurable outcomes, and executive‑ready reporting. Advising on secure architecture patterns for cloud, on‑premises, identity, network, endpoint, application, and OT/ICS environments, with emphasis on defensible, supportable, and audit‑ready designs. Establishing and maturing secure‑by‑default baselines, hardened system profiles, control mappings, evidence practices, and exception processes that reduce drift and improve governance consistency. Partnering with engineering and operations teams to improve segmentation, access control, logging, vulnerability management, configuration management, and security monitoring across critical platforms. Driving complex cybersecurity projects from strategy through execution, managing dependencies, vendor coordination, stakeholder alignment, technical risks, and delivery outcomes. Supporting NERC CIP and broader regulatory readiness by connecting cybersecurity engineering work to compliance obligations, audit evidence, control effectiveness, and risk‑based prioritization. Strengthening cyber decision‑making by creating repeatable methods for threat modeling, control validation, security assessments, remediation tracking, and governance reporting. Serving as a trusted advisor to senior leaders, helping them understand cybersecurity risk in business terms and make informed decisions that balance reliability, security, compliance, cost, and operational practicality. Enterprise Impact The impact of this role is broader than delivering individual security projects. The Senior Advisor helps SCE make cybersecurity a durable operating capability: measurable, repeatable, embedded, and aligned to the realities of a modern electric utility. Grid resilience: reducing cyber exposure across systems that support safe, reliable electric service and grid modernization. Operational reliability: helping ensure cybersecurity controls support, rather than disrupt, critical utility operations. Regulatory confidence: improving evidence quality, control maturity, and audit readiness across cybersecurity and compliance programs. Risk reduction: turning assessments, findings, and technical concerns into actionable remediation plans that close material gaps. Secure modernization: enabling cloud, automation, data, AI, and OT/ICS initiatives to move forward with security built into the design. Customer and community trust: protecting sensitive data and critical services for the millions of people, businesses, and communities that depend on SCE. Executive decision support: giving leadership a clear view of cyber risk, tradeoffs, priorities, and measurable progress. As a Cybersecurity Engineering, Risk & Governance Senior Advisor, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future? Responsibilities Leads cyber security project delivery by ensuring the cyber security team delivers on success criteria, addresses project issues and risks, and builds commitment with delivery team and internal or external partners. Designs, implements and maintains a secure posture and baseline across all components of the organization on‑premises and cloud IT environments, employing recognized security engineering practices and supporting secure build processes. Develops, maintains, and delivers secure system profiles, and maintains an overall view of compliance. Collaborates with the IT and Quality teams to assess, remediate, and prevent information technology risks. Drives system auditing, vulnerability risk assessments, assured file transfers, hardware and software configuration management, data integrity containments and investigations on internal affairs related security violations and incidents. Ensures that new and existing security applications and systems are successfully integrated during implementations, updates, and patching to maintain or increase our ability to detect and prevent security exploits. Collaborates with external managed security solution provider and analysts to enhance security solutions to reduce malicious and suspicious activity based on security data analysis, review of the current threat landscape, and assessment of security tickets. Works with the infrastructure team and security architect to analyze security threats and recommend technical infrastructure and architecture changes to address gaps and reduce risk. Shapes procedures and methods for auditing and addressing risk and non‑compliance to information security standards. Fosters strong relationships with senior leaders and stakeholders to understand and map out business priorities and how security engagement can be effectively managed to deliver secure design solutions. A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity. Minimum Qualifications Ten or more years of experience in information technology, information security and/or cybersecurity. US Citizenship Required. Preferred Qualifications Ten or more years of progressive experience in information technology, information security, cybersecurity, cyber risk management, security engineering, or related disciplines. Proven ability to lead cybersecurity initiatives in complex enterprise environments, including projects involving architecture, infrastructure, cloud, identity, endpoint, network security, vulnerability management, governance, risk, compliance, or operational technology. Experience assessing cybersecurity risk, validating control effectiveness, identifying gaps, and translating findings into practical remediation plans with clear owners, timelines, and measurable outcomes. Strong understanding of security architecture, secure system baselines, configuration management, risk treatment, control design, and secure‑by‑design engineering practices. Demonstrated ability to partner with engineering, operations, compliance, audit, risk, vendor, and business teams to move cybersecurity work from recommendation to execution. Experience communicating complex cybersecurity issues to technical teams, non‑technical stakeholders, and senior leaders in a clear, actionable, business‑aligned manner. Additional Information This position’s work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days. Unless otherwise noted, employees are required to work and reside in the state of California. Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs. Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. The primary work location for this position is Rosemead, CA. Position will require up to 20% local traveling and being out in the field throughout the SCE service territory. This position has been identified as a NERC/CIP impacted position – prior to being hired, the successful candidate must pass a Personnel Risk Assessment (PRA) or Background Investigation. Once hired, the candidate must complete specified training prior to gaining un‑escorted access to assigned work location and performing necessary job duties. Relocation may apply to this position. Southern California Edison is a proud Equal Opportunity Employer, including disability and protected veteran status. We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at View phone number on click.appcast.io. #J-18808-Ljbffr Southern California Edison