Senior IT Process Engineer

Requisition ID 119203 Job Category : Engineering / Science Job Level : Individual ContributorBusiness Unit: Information TechnologyDepartment OverviewThe Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a relevant, timely and data-driven manner. The Cybersecurity team consists of security professionals in their chosen disciplines, including:Cybersecurity ServicesRisk & StrategySecurity Intelligence & OperationsComplianceWorking together, we review the current cyber threat landscape and lend our expertise to help the company understand its security posture and act on the highest priority risks.The Cybersecurity team takes a proactive approach to security by focusing on the cyber risks PG&E faces. Our methodology and framework synthesizes current legal, regulatory, and operating mandates with PG&E''s business goals and operations. By taking this information and focusing on the cyber risks unique to individual Lines of Business (LOB), Cybersecurity helps PG&E''s LOBs make informed decisions about where to invest their resources.Position SummaryThe Senior IT Process Engineer will conduct, monitor and improve identity and access management (IAM) processes and controls to facilitate regulatory compliance working closely with managers, team leaders, specialists, security teams, compliance teams and subject matter experts. This position will provide support to deliver regular IAM compliance health status and metrics, and internal and external auditor interactions as necessary.The role will work from your home office through April 2022. Once a date for returning to the office is identified the work location can be flexible in Rocklin, Sacramento, San Ramon, or Oakland. Job ResponsibilitiesReviews and stays current on North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations as they apply to the Identity and Access (IAM) Management domainEstablishes and executes IAM domain procedures and processes in support of NERC CIP complianceWorks with lines of business to execute IAM procedures in a timely manner to maintain NERC CIP compliancePerforms ongoing monitoring to ensure IAM processes and technology solutions continue supporting NERC CIP complianceWorks with compliance teams to establish, test, and maintain CIP related IAM controlsIdentifies potential compliance gaps and as required follows compliance reporting processes, performs extent of condition reviews, and establishes mitigation plansInvestigates and addresses CIP related IAM corrective action program (CAP) issuesWorks within IAM Operations and with other cross functional operations and compliance teams to ensure processes and technical solutions align to meet NERC CIP requirements, and provide requirements to update processes and technical solutions as neededSupports the development and presentation of regular status reports and metrics providing visibility to NERC CIP compliance status in the IAM domainSupports regular reviews and updates to CIP004 standards and reliability standard audit worksheets (RSAW)Supports interactions with external regulatory enforcement organizations during audits or other required meetings, and internal audit teamsQualificationsMinimum:Bachelors Degree in Computer Science or job-related discipline or equivalent experienceExperience in enterprise architecture environments, job-related5 years experience in IT-Information Technology engineering designDesired:2 years of IT/Cybersecurity experienceSolid understanding of general computing controls (GCCs)Experience with NERC CIP regulations preferably in the IAM domainUtility industry experienceCertified Information Systems Security Professional (CISSP)Experience with documenting processes and proceduresStrong oral and written communication skillsStrong analytical skillsAbility to work with minimal supervision in a fast-paced environmentDetail oriented

Created: 2025-10-04