Primary Purpose

The Cybersecurity Team Lead - Security Operations Center (SOC) acts as a supervisor-capacity reporting to the Cybersecurity Manager and leads the implementation and optimization of Sempra's security operations functions, ensuring the 24/7 protection of Sempra's assets and data against the dynamically changing threat landscape. This position is responsible for security operation areas, such as incident response, forensics, security monitoring, threat management, and vulnerability management.

Manages the ongoing analysis and continuous activity monitoring to ensure Sempra's endpoints, servers, networks, and databases are always protected. Oversees the timely detection and response to intrusions. Leads change by enthusiastically sharing, developing, and implementing emerging approaches to improve security operations.

Duties and Responsibilities

Value Delivery, Strategy, and Planning

• Functional Area Strategy:
  • Oversees the day-to-day activities of the security operations team, including the monitoring, detection, and incident response across IT environments.
  • Plans, builds, develops, and matures the security operations to pro-actively monitor the incidents that happens in the environment; lead the build of solutions to counter and respond to incidents.
  • Proactively conducts research of emerging security threats.
  • Leads computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action.
  • Guides, matures and works with the security operations team to build a best-in-class SOC.
  • Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity.
  • Drives standardization, automation, and consolidation/centralization.
  • Drives the functional area practices and solutions for key cross team/cross product development projects.
• Emerging Technology:
  • Drives innovation to sustain and automate the cyber security operations by designing and working with cyber security engineers.
  • Identifies emerging technologies and tools to support IT and business roadmaps.
• Financial Planning:
  • Provides input in budget creation and cost center spending, including external spend with outside vendor.
  • Handles significant budgetary duties. Supports establishing and administering the annual budgets and managing expenditures to operate within the approved budget.

Delivery & Execution

• Standards Setting:
  • Routinely develops and updates incident response playbooks to ensure response activities align with best practices, minimizes gaps in response and provides comprehensive mitigation of threats.
  • Prioritizes work, assigns resources and coordinates team involvement in project efforts specific to the functional area; prioritizes work and assigns resources to projects.
  • Gives functional area impacted advice on strategic, tactical, and operational levels to different stakeholders at all levels of the organization. Contributes to the strategic plan of Sempra IT organization.
• Project Delivery:
  • Drives the planning, execution, and management of multi-faceted projects related to Cyber SOC.
  • Manages end-to-end delivery of projects and activities within the functional area.
• Compliance:
  • Ensures assigned projects and activities within the functional area meet all compliance and architecture standards.
  • Ensures proper oversight for functional area solutions and artifacts.
  • Ensures re-use through implementation of shared technology assets.

Leadership & People Management

• Collaboration:
  • Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as "one team".
  • Drives the relationship and communications to inspire stakeholders like future users or customers with ideas and exemplary solutions through strategic scenarios and proposals.
• Functional Area Leadership:
  • Manages day-to-day relationship with security and infrastructure services partners.
  • Provides functional area leadership, collaboration, and conflict resolution. Provides direction, motivation, and input into the strategic oversight of the functional area.
  • Manages select aspects of performance management, training, and development.
• Talent Development:
  • Provides the leadership needed regarding people-care activities, including 1-on-1's, career development, and roadmap activities, to ensure that employees receive effective feedback and development opportunities.
• Performs other duties as assigned (no more than 5% of duties).

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or equivalent relevant work experience.
• 6+ years of experience in Information Security, Cyber Security, or relevant roles.
• 2+ years of managing the Information Security functions of an organization with a complex Information Technology environment.
• Professional certifications in Information Security (CISSP, CISM, CISA).
• Extensive applied knowledge of cyber security operations functions, in areas such as incident response, security monitoring, threat and vulnerability, SOC and SOC service delivery, and associated technologies.
• Understands information security as it relates to the business and other areas of IT; understands direct impacts and risks to the business.
• Outstanding management, interpersonal, communication, organizational and decision-making skills.
• Strong multi-tasking capabilities, exceptional skills to adjust to multiple demands, shifting priorities, ambiguity and rapid change as well as dealing efficient deal with escalations and difficult situations/people under pressure e.g. to restore services.
• An overall understanding of the business objectives of service lines and Core Business Services departments.
• Demonstrated skills to manage a diverse technical workforce spread across multiple locations involving the full range of technology platforms and solutions as well as vendor personnel.
• Ability to lead, manage and coach staff; Personal drive and energy level to achieve superior results individually and through others; Proven track record of successful team leadership and development.
• Ability to participate in co-operative working relationships including knowledge sharing and partnership in achieving solutions within and across business or operational functions.

Preferred Qualifications

• Master's degree
• Technical certifications in operations (i.e., GCIA, GCIH, CEH, SSCP)
• Bilingual in English/Spanish a plus.

Note: The Company strives to ensure that employees are paid equitably and competitively. Starting salaries may vary based on factors such as relevant experience, qualifications, and education.

Sempra Infrastructure offers a competitive total rewards package that goes beyond base salary. This position is eligible for an annual performance-based incentive (bonus) as well as merit-based recognition. Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, as well as other company offerings such as tuition reimbursement, paid parental leave, and employee assistance programs.