The California Independent System Operator (ISO) manages the flow of electricity across the high-voltage, long-distance power lines that make up 80 percent of California's power grid. We safeguard the economy and well-being of 30 million Californians by "keeping the lights on" 24/7.

As the impartial grid operator, the California ISO opens access to the wholesale power market that is designed to diversify resources and lower prices. It also grants equal access to 25,865 circuit-miles of power lines and reduces barriers to diverse resources competing to bring power to customers.

The California ISO's function is often compared to that of air traffic controllers. It would be grossly unfair for air traffic controllers to represent one airline and profit from allowing that company's planes to go through before others. In the same way, the California ISO operates independently—managing the electron traffic on a power grid we do not own—making sure electricity is safely delivered to utilities and consumers on time and reliably.

Under the general direction of the Manager, responsible for the implementation and operation of Information Security Infrastructure and Perimeter solutions. Designs, documents, and tests solutions in the Information Security Infrastructure space.

What's In it for You

Our purpose is to lead the way to tomorrow's energy network. Make a difference and impact millions of people who depend on electricity in their everyday lives.

• You get to work on interesting and challenging assignments that will help grow your skill set.
• You will work in an extremely collaborative environment inside our LEED certified Folsom, California campus.
• You will be challenged, be a part of a winning team, and your contributions will be rewarded and recognized.

What You Will Be Doing

• Leads the analysis, design and programming activity for implementation of Information Security Infrastructure solutions.
• Develops, maintains, supports and optimizes information security infrastructure for key functional areas including, but not limited to, network infrastructure, server infrastructure, data communications, and telecommunications systems.
• Collaborates with customers, subject matter experts, architects, development team, implementation support and production support staff to define technical specifications, solution scope and objectives.
• Identifies and evaluates complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement 
• Supports the architect team in the design of Information Security Infrastructure solutions through client requirements specification, solution design and product selection.
• Creates and maintains relevant security policies, processes, and procedures.
• Continuous monitoring/review and reporting of security posture and improvement recommendations
   

Level of Education and Discipline

• A Bachelor's degree (BA, BS) or equivalent education, training or experience in Computer Science, Engineering, or related technical field.  Master Degree preferred.

Amount of Experience

• Equivalent years of education and training, plus two (2) or more years related experience.

Certifications

• DoD8570 IAT Level3 baseline or equivalent professional certifications required (ie CISSP or CISA)
• Network certifications (CCNP) and Giac GWAPT, GCIH, GCIA or equivalent certifications desired.

Type of Experience

• Experience in an Information Security corporate environment with Information Security Infrastructure.  
• Experience with network infrastructure, system administration, network and application security concepts.  
• Various types of testing (i.e., unit/functional testing, system integration testing, user acceptance testing, performance testing, vulnerability testing, etc.).  
• Proven expertise in least privilege access and defense in depth principles. 
• Experience administering and troubleshooting UNIX/Linux and Windows Operating Systems. 
• Solid knowledge and experience in IT Architecture, Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewalls (WAF), load balancers, web content filtering, next generation and network based anti-malware detection and threat prevention solutions, security incident and event management (SIEM) solutions, threat hunting, incident response, and data loss prevention (DLP) solutions.  
• Prior experience with regulatory oversight (ie NERC/CIP) desired.

Additional Skills and Abilities

• Must be able to work effectively in a team environment as facilitator and team member.  
• Excellent analytical, verbal and written communication and documentation skills required, with a demonstrated attention to detail.  
• Excellent planning and organizational skills.  
• Ability to use deductive reasoning and analytical thinking with sound judgment and decision-making skills.  
• Strong interpersonal and conflict resolution skills are also essential.  
• Must be self-starting and willing and able to work independently in a dynamic corporate organization under pressure of tight deadlines and aggressive expectations.  
• Self-motivated, problem solving skills and the ability to influence others without direct authority. 

All your information will be kept confidential according to EEO guidelines.