I am...

Company Description

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

• Build and operationalize security tools.
• Build and automate new and existing workflows and trending metrics dashboards.
• Suggest security improvements by assessing the current situation, evaluating trends, anticipating requirements, and supporting proof-of-concept experimentations.
• Create and present functional and technical designs including data analysis to business team, and gather feedback to influence solution design and approach.
• Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls.
• Participate in security incidents and help implement containment and eradication.
• Evaluate audit and vulnerability findings and act upon them.
• Serve as an expert for the different tools built by the team.
• Act as guidance and facilitator to security operations.
• Build strong relationships with different stakeholders.
• Partake in efforts that shape the organization’s security policies and standards for use in hybrid cloud environments.
• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers.
• Ability to influence build vs buy decisions related to security tools.
• Accountable for the timely delivery of projects as per established roadmaps by working closely with the business teams.
• Participate in on call roster.
• Strong alignment with product management and engineering teams on roadmap and product feedback.
• Provide mentoring and training to peers and other colleagues in the organization.

Required Qualifications

• MUST HAVE 8+ years of Security Engineering is required.
• MUST HAVE 5+ Years working in the Public Cloud (GCP, AWS or Azure).
• Compute, network, storage, content delivery, administration and security, deployment and management, automation technologies.
• Preference is GCP, but OK if you have 2 of the 3.
• Experience in infrastructure automation tools like AWS CloudFormation, Ansible, Terraform and equivalents.
• MUST BE PROFICIENT In Python.
• REGO is a nice to have.

Preferred Qualifications

• Experience with containerization on Cloud, AKS or EKS (Dedicated/Managed/Serverless Kubernetes).
• Experience implementing cloud native security tools like AWS Guard Duty or Azure Security Center.
• Experience implementing Cloud Security Posture Management toolset.
• Apply adept understanding and experience with systems automation platforms and technologies.
• Execute security architectures for cloud/hybrid systems.
• Automate security controls, data and processes to provide improved metrics and operational support.
• Build dynamic dashboards to track metrics.
• Employ cloud-based APIs when suitable to write network/system level tools for safeguarding cloud environments.
• Spot and execute new security technologies and best practices into the company’s Cloud offerings.
• Strong working knowledge of system internals as well as networking.
• Strong familiarity with Linux and Windows operating systems and cloud provider ecosystems like AWS/Azure/GCP.
• Assist in the integration of Infrastructure pipelines with secure configuration parameters to remove or reduce known threat vectors.
• Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business.
• A keen analytical mind for problem solving, abstract thought, and offensive security tactics with a goal to make security a strong enabler at ServiceNow.
• Proven experience in being an effective team player and driven to automate and continuously improve.
• Ability to articulate complex issues to executives and customers.

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.

Department Overview

The Information Technology (IT) organization designs, develops, operates and maintains the technology and telecommunications systems that enable PG&E to meet its commitment to providing safe, reliable and affordable service to customers.

IT partners with the business by increasing capabilities through the development of additional functionality, implementing new technologies, reducing costs, increasing productivity, and facilitating organizational and business effectiveness through enabling technologies.

Position Summary

The Chief Cybersecurity Strategist is an individual contributor who is responsible for creating a broad vision for the ecosystem of security tools to optimize for efficiency, effectiveness, cost and ability to derive high quality, actionable intelligence. This individual will work with architecture and engineering teams, as well as operations teams to understand current state, and constantly research and present a compelling roadmap for security tools covering IT, OT, multi-cloud and third-party attack surfaces. The individual will own the remit of ensuring proper use of AI in defense and the ability to detect AI-based attacks. They will also be responsible for leading the “bend the cost curve” initiative for cybersecurity through platform enablement and tools consolidation where it makes sense.

This position is hybrid, working from your remote office and your assigned work location based on business need. The assigned work location will be within the PG&E Service Territory.

Reporting Relationship

The Chief Cybersecurity Strategist reports directly to the Vice President, Cybersecurity.

• Provide vision for security tools arsenal
• Champion tools coverage and consolidation strategy
• Create and maintain visuals of technologies versus capabilities
• Manage roadmap of tools to show consolidation and replacements
• Understand evolving threat landscape to plan for how to detect and defend better
• Strategize and plan for both effectiveness and efficiency in tools ecosystem
• Work with Arch/Engineering team on platform consolidation strategy
• Provide updates and perspectives to cyber leadership team
• Create and manage decision-making framework for tool selection within security ecosystem
• Create, maintain and strategize on data flow and integration across separate systems for additional intelligence
• Work with all Cyber stakeholders and IT stakeholders to understand tools needs and create roadmap based on decision framework
• Measure, manage and increase usage of existing tools
• Look at strategic overhaul of tools ecosystem to build a brand-new scalable model of tools and data across Cybersecurity
• Work with Architecture/Engineering team to determine how to build AI-enabled capabilities into security tools ecosystem
• Work with Enterprise Architecture, Products and Enterprise Platforms and Infrastructure and Cloud Services team on leveraging tools outside of security purview for strategic benefits to Security
• Strategize, plan and architect integrations of cloud monitoring tools into rest of security ecosystem
• Work with Security Intelligence and Operations Center (SIOC) Sec Engineering to strategize and document integrations with Security Incident and Event Management (SIEM) platform
• Conduct research on on-prem and cloud PaaS/SaaS tools to weave into security defense fabric
• Share learnings with the cyber leadership team and manage business justifications for addition/removal of tools and services
• Work with project teams as applicable to understand and document changes to tools ecosystem and ensure benefits realization with swap-out and closing out of contracts
• Own "Bend the Cost Curve" initiative for Cybersecurity related to technology spend to derive and ensure savings.
• Travel 10-15%

Minimum

• Bachelors Degree in job-related discipline or equivalent experience
• Job-related experience, 12 years

Desired

• Advanced degree in a relevant field such as data management, computer science, information technology, systems engineering, operational governance, or other applicable discipline
• Leadership experience, 20 people or more
• Utility industry experience, electric or gas, or other job-related, 7 years
• Experience with Operational Technology, Industrial Control Systems
• Experience in or leading an operational cybersecurity team
• Experience with AI-based security technology
• Experience creating a security data lake
• Experience with NERC CIP, TSA and FERC utility industry regulations
• Experience in a leadership role on complex, high risk projects
• Experience in strategic planning or other related efforts
• Consulting experience

Leadership Qualities

PG&E expects its leaders to conduct themselves with the highest ethics and integrity and to embody specific leadership qualities.

Strategic Mindset

• Seeing ahead to future possibilities and translating them into breakthrough strategies.
• Operating effectively, even when things are not certain or the way forward is not clear.

A Leader in the Community and Industry

• Effectively building formal and informal relationship networks inside and outside the organization.
• Anticipating and balancing the needs of multiple stakeholders.

Demonstrates Safety Leadership

• A safety champion in words and deeds with respect to both employee and public safety.
• Maintaining an environment of open dialog and free of retaliation.

Influences and Inspires

• Using various communications that convey a clear understanding of the needs of different audiences.
• Maneuvering comfortably through complex policy, process, and people-related dynamics.

Optimizes Team Performance

• Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
• Creating a climate where people are developed and motivated to do their best to help the organization.

Values Diversity and Creates Inclusion

• Recognizing the value that different perspectives and cultures bring to an organization.

Fiscally Responsible

• Interpreting and applying understanding of key financial indicators to make better business decisions.
• Planning and prioritizing work to meet commitments aligned with organizational goals.

Leads Ethically and in a Compliant Manner

• Sponsoring and sustaining a high integrity speak-up corporate culture which prioritizes ethics, safety and compliance.
• Building on necessary level of industry, company and subject-matter expertise, including laws and regulations.

Provides a High Level of Customer Service

• Building strong customer relationships and delivering customer-centric solutions.

Compensation

PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed towards the middle or entry point of the range, the decision will be made on a case-by-case basis related to these factors.

A reasonable salary range is:

• Bay Area Minimum: $160,000
• Bay Area Maximum: $270,000

Role Overview:

As a Cybersecurity Awareness Campaign Content Development Intern, you will work closely with our Cybersecurity and Communications teams to develop creative and educational content that raises awareness about cybersecurity best practices. Your role will be crucial in helping employees understand key security topics and building a culture of security awareness throughout the organization. You will assist in designing a variety of multimedia content, from articles and videos to infographics and quizzes, aimed at engaging different audiences within the company. This internship offers the chance to gain hands-on experience in cybersecurity education and campaign development while working in a collaborative and innovative environment.

Company Overview:

If you live in a city, chances are we will give you a lift or play a role in keeping you moving every day. Otis is the world’s leading elevator and escalator manufacturing, installation, and service company. We move 2 billion people every day and maintain approximately 2.2 million customer units worldwide, the industry's largest Service portfolio.

You may recognize our products in some of the world’s most famous landmarks including the Eiffel Tower, Empire State Building, Burj Khalifa and the Petronas Twin Towers! We are 69,000 people strong, including engineers, digital technology experts, sales, and functional specialists, as well as factory and field technicians, all committed to meeting the diverse needs of our customers and passengers in more than 200 countries and territories worldwide. We are proud to be a diverse, global team with a proven legacy of innovation that continues to be the bedrock of a fast-moving, high-performance company.

When you join Otis, you become part of an innovative global industry leader with a resilient business model. You’ll belong to a diverse, trusted, and caring community where your contributions, and the skills and capabilities you’ll gain working alongside the best and brightest, keep us connected and on the cutting edge.

We provide opportunities, training, and resources, that build leadership and capabilities in Sales, Field, Engineering and Major Projects and our Employee Scholar Program is a notable point of pride, through which Otis sponsors colleagues to pursue degrees or certification programs.

Today, our focus more than ever is on people. As a global, people-powered company, we put people – passengers, customers, and colleagues – at the center of everything we do. We are guided by our values that we call our Three Absolutes – prioritizing Safety, Ethics, Quality in all that we do. If you would like to learn more about environmental, social and governance (ESG) at Otis click here.

• Create engaging content for cybersecurity awareness campaigns, including Viva Engage & SharePoint posts, email newsletters, videos, posters, and infographics.
• Collaborate with cybersecurity experts to research emerging threats and vulnerabilities, ensuring campaign content is up-to-date and relevant.
• Tailor content for different internal audiences such as general employees, IT teams, and executives.
• Develop interactive tools, quizzes, and materials to educate employees on phishing, social engineering, and other security risks.
• Assist in implementing distribution strategies for digital and physical cybersecurity content across various platforms.
• Monitor and measure the success of campaigns by analyzing engagement metrics and gathering feedback.
• Participate in brainstorming sessions to generate innovative ways to promote cybersecurity awareness.

Required Qualifications

• Currently pursuing a bachelor's degree in Communications, Marketing, Cybersecurity, Information Technology, or a related field.
• Strong writing and communication skills, with the ability to present technical topics in an engaging and easy-to-understand manner.
• An interest in cybersecurity and enthusiasm for educating others.
• Familiarity with content creation tools (e.g., Adobe Creative Cloud, Canva) and proficiency in Microsoft Office Suite.

Preferred Qualifications

• Experience with social media, graphic design, or video editing tools is a plus.
• Self-motivated, detail-oriented, and able to work independently or as part of a team.
• A willingness to learn and adapt in a fast-paced environment.

Apply today to join us and build what’s next!

Become a part of the Otis team and help us #Buildwhatsnext!

Otis is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. To request an accommodation in completing an employment application due to a special need or a disability, please contact us at careers@otis.com.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms.