Sempra: Where opportunity powers impact
At Sempra, we tackle the biggest energy challenges that face our industry. Our high-performing team leverages the full capabilities of our organization to serve 40 million consumers across North America. By collaborating and challenging one another across multiple disciplines, we inspire our best work, ideas and innovation. From increasing liquified natural gas (LNG) capacities to reducing carbon emissions to helping people prepare for the realities of climate change, we are committed to building a better energy future for all.
Primary Purpose
As a specialist in security techniques, provide visibility across the enterprise technology landscape to identify, assess and
recommend risk mitigation tasks. Handle complex long-term initiatives in area of expertise, collaborating with multiple teams and stakeholders to develop improved cybersecurity technology and processes with a focus on continuous improvement. The
Cybersecurity Specialist III support cybersecurity capabilities in detecting, responding and preventing cybersecurity incidents
through the development of awareness materials, engagement activities, and trainings across the organization.
Duties And Responsibilities
- Raises the general level of awareness of information security by providing ongoing outreach using all company communications methods (i.e. articles, town hall and lunch and learn events, presentations to employees, etc.), issues cybersecurity alerts as needed, and trains employees in more depth on information security concepts by developing a corporate wide employee training program that consists of a web-based training module deployed annually.
- Contributes to the development of strategies to reduce corporate risk by creating and implementing company-wide information security awareness and information security training programs, including the development of an annual Security Awareness Plan.
- Creates and executes monthly phishing campaigns and produces monthly data/metrics driven phishing reports. Supports the monthly employee reward t-shirt mailing program.
- Performs documentation review and enhancement, including the review of Information Security team materials used for external presentations and speaking engagements.
- Plans companywide Cybersecurity events including curating content, booking of speakers, audio/visual, and catering options. Provides event planning for CISO.
- Performs other duties as assigned (no more than 5% of duties).
Qualifications
Education
- Bachelor's degree in cybersecurity, information systems, software engineering, computer science, related field or equivalent training and/or experience is required.
Experience
- 4+ years of experience developing, facilitating, implementing, and communicating training material, policies and information to a corporate audience is required.
- 3+ years establishing metrics and measurements demonstrating program effectiveness is required.
- 2+ years of experience working within information technology and/or enterprise cybersecurity with experience in cybersecurity processes, risk assessments, governance, and/or maintaining operational systems.
- Must reside in Southern California or be willing to relocate upon hire.
- We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office three days per week and work remotely on the remaining workdays.
Skills And Abilities
Required skills and abilities include:
- Strong verbal, communication, professional writing and presentation skills.
- Ability to work within a team or independently with minimal supervision on multiple tasks simultaneously.
- Proven data analysis and business intelligence reporting capabilities.
- Leverage data visualization tools to analyze and integrate data from unique data sources and develop reports with actionable insights and risk indicators for internal and external stakeholders (ex. Power BI).
- Proficiency in Office O365 software applications.
- Experience in event planning.
Preferred Skills And Abilities Include
- Bilingual (English/Spanish).
- Proficiency in creating/developing/executing Phishing campaigns for all employees and producing metrics. Proficiency in the following tools: Phish Alarm, Phish Analyzer.
Licenses and Certifications
- CISSP, CISA, SANS certifications are preferred.
Other Qualifications
- May require work outside of normal business hours and/or 24/7 response availability for system and application maintenance, enhancements, production releases and/or operational emergencies.
Area of Interest
Information Technology
Total Rewards Philosophy
Sempra strives to ensure that employees are paid equitably and competitively. Starting salaries may vary based on factors such as relevant experience, qualifications, and education.
Sempra offers a competitive total rewards package that goes beyond base salary. This position is eligible for an annual performance-based incentive (bonus) as well as other merit-based recognition. Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, as well as other company offerings such as tuition reimbursement, paid parental leave, and employee assistance programs.