Advisor, Data Protection

to information and data protection control requirements.

• Perform health checks as part of routine process operations, solution design, focusing on Zero Trust architecture, cloud security, IAM, data protection, and compliance utilizing frameworks such as NIST 800-53, ISO 27001, SOC 2, PCI-DSS, and FedRAMP.

• Conduct Third-Party Data Risk Management (TPCRM) assessments, evaluating vendor security postures to mitigate supply chain risks and enforce Zero Trust principles.

• Contribute to cloud security governance and infrastructure security oversight, ensuring adherence to FedRAMP requirements, including DLP.

• Support AI-driven chatbot implementations for to automating security risk assessments and remediation.

• Lead data risk and compliance oversight of service delivery, vendor management, business excellence, IT security, process, risk, control, and metrics management.

• Lead SAP ECC control assessments, focusing on risks across FI, MM, SD, and SAP Basis, and utilize SAP GRC Access Control to analyze segregation of duties, critical access, and elevated privilege usage.

• Review procurement contract terms related to information and data protection to provide recommendations, work through exceptions.

• Attend contract review meetings, including limited kick-off meetings, internal team contract review meetings, Cyber Risk reviews, and external negotiations, as required for high-profile suppliers.

• Develop remediation to address data and information protection control weaknesses and provide consultation to business, data owners to improve literacy and complete remediation.

As an Advisor, Data Protection, your work will help power our planet, reduce carbon emissions and create cleaner air for everyone. Are you ready to take on the challenge to help us build the future?

Responsibilities

• Collaborates with internal teams to implement privacy initiatives and risk mitigating measures

• Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures

• Collaborates with stakeholders to provide appropriate repository and plan for mission critical business content and disaster recovery scenarios

• Identifies opportunities to enhance the Information Governance program by utilizing a thorough understanding of information management, security, and privacy principles

• Drives information governance action items with stakeholders through to completion

• Identifies and resolves gaps in adherence to polices and standards and identifies appropriate issues for escalation

• Performs analysis and process documentation for projects related to information governance, process, compliance, access management, and contractor oversight

• Collaborates with cross-functional teams to address information governance opportunities and resolve issues

• Supports in the delivery of business change programs around records and information management, encouraging best practice across SCE

• Supports operational implementation of various processes and systems ensuring alignment with the Information Governance policies

• A material job duty of all positions within the Company is ensuring the protection of all its physical, financial and cybersecurity assets, and properly accessing and managing private customer data, proprietary information, confidential medical records, and other types of highly sensitive information and data with the highest standards of conduct and integrity.

Minimum Qualifications

• Seven or more years of experience with information governance and data management practices and processes.

Preferred Qualifications

• Bachelor's Degree or higher in Computer Science, Engineering, or related field.

• Certified in one or more of the following: Chief Information Security Officer (CCISO), Lean Six Sigma, ITIL v3 Foundation, Information Security Systems Professional (CISSP), Project Management Professional (PMP).

• Experience with ISO or NIST Data Protection Standards.

• Three or more years of experience in Cybersecurity or Risk Management.

Additional Information

• This position's work mode is hybrid. The employee will report to an SCE facility for a set number of days with the option to work remotely on the remaining days.u202f Unless otherwise noted, employees are required to work and reside in the state of California.u202f Further details of this work mode will be discussed at the interview stage. The work mode can be changed based on business needs.

• Visit our Candidate Resource page to get meaningful information related to benefits, perks, resources, testing information, hiring process, and more!

• Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

• The primary work location for this position is Rosemead, General Office 3.

• Relocation does not apply to this position.

About Southern California Edison

The people at SCE don't just keep the lights on. Our mission is so much bigger. We're fueling the kind of innovation that's changing an entire industry, and quite possibly the planet. Join us and create a future with cleaner energy, while providing our customers with the safety and reliability they demand. At SCE, you'll have a chance to grow personally and professionally, making a real impact in Southern California and around the world.

Southern California Edison is a proud Equal Opportunity Employer, including disability and protected veteran status.

We are committed to ensuring that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodations at (833) 343-0727.