• Value Delivery, Strategy & Risk Management

• Develop and implement a robust information security strategy and program that aligns with the organization’s objectives and regulatory requirements.

• Assess and manage cybersecurity risks across the organization's digital infrastructure, networks, and sensitive data. Implement risk mitigation strategies and ensure regular risk assessments and audits.

• Ensure the successful execution of cybersecurity program initiatives aimed at continuous improvements and increased cybersecurity maturity.

• Oversee security operations, including incident response, threat intelligence, and vulnerability management at all locations. Lead the organization's response to cybersecurity incidents and breaches, ensuring quick recovery and minimal impact.

• Oversee the selection and implementation of appropriate security technologies to protect the organization's systems and data.

• Oversee the security aspects of the company's digital transformation initiatives, including cloud adoption, OT and IoT integration.

• Brief the board of directors on the cybersecurity program and develop metrics to show measurable impact and progress of the cyber program and risk landscape.

• Stay informed on emerging threats, technologies, and regulatory requirements in the energy sector.

• GRC & Security Awareness

• Establish and enforce security policies and procedures that comply with relevant legal, industry standards, regulations, and best practices (e.g., NERC CIP, ISO/IEC 27001).

• Drive security awareness and training programs for employees at all levels to instill a sense of culture for cybersecurity.

• Oversee the business continuity and resiliency plan in strong collaboration with the CIO and other business leaders.

• Leadership & People Management

• Lead and mentor the cybersecurity team, fostering a culture of security awareness and continuous improvement.

• Develop, attract, and retain top talent for high performance and agility.

• Create a work climate that enables project team members to develop professionally and that values diversity, promotes teamwork, and emphasizes quality, customer satisfaction, creativity, continuous improvement, and cost effectiveness.

• Collaboration & Communication

• Collaborate with executive leadership, including the CIO, and business unit leaders, to ensure security initiatives support overall company goals and to integrate cybersecurity into business processes and decision-making.

• Work closely with IT, operations, and other departments to ensure a cohesive approach to cybersecurity.

• Work closely with vendors and other external stakeholders to ensure that security standards are maintained and integrated into all projects and processes.

• Serve as the liaison for collaboration and interacting with law enforcement agencies both local and federal.

• Performs other duties as assigned (no more than 5% of duties).

Required Qualifications

• Bachelor's Degree in Computer Science, Information Security, Cybersecurity, or a closely related field, and/or equivalent related experiences.
• 15 years of progressive experience in information security roles, with at least 5 to 7 years in a senior management role within a large, complex organization, preferably in the energy sector or related industries.
• Deep understanding of the latest cybersecurity technologies, practices, and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption, and other industry-standard techniques and practices. Knowledge of emerging technologies and their security implications (e.g., AI, IoT, cloud computing).
• Experience in managing security for critical infrastructure and operational technology (OT) environments.
• Extensive knowledge of relevant standards and regulations such as GDPR, NERC CIP, ISO/IEC 27001, and NIST frameworks.
• Broad knowledge of IT systems and architectures, with a strong grasp of cloud security, network security, and data security solutions.
• High-level analytical skills to assess security systems, foresee potential vulnerabilities, and devise strategies to mitigate risks.
• Excellent verbal and written communication skills, capable of clearly explaining complex security risks and strategies to stakeholders at all levels, including non-technical audiences.
• Demonstrated leadership ability to guide and inspire a team of security professionals.

Preferred Qualifications

• Master's Degree in computer science, computer information systems engineering, business, related discipline, MBA, or equivalent training and/or experience.
• Bilingual (English/Spanish) highly desirable.
• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).
• Certified Chief Information Security Officer (CCISO).
• Other relevant industry certifications such as CompTIA Security+, GIAC Security Essentials, or Certified Information Systems Auditor (CISA).

• Work Schedule: HYBRID: Work a combination of onsite and remote days each week, typically 3 days per week onsite.
• Area of Interest: Information Technology
• Full Time/Part Time: Full-time
• Min Salary: $189,500.00
• Mid Point: $236,900.00
• Max Salary: $284,300.00
• Total Rewards Philosophy:
• Note: The Company strives to ensure that employees are paid equitably and competitively. Starting salaries may vary based on factors such as relevant experience, qualifications, and education.
• Sempra Infrastructure offers a competitive total rewards package that goes beyond the base salary. This position is eligible for an annual performance-based incentive (bonus) as well as long-term incentive plans and additional merit-based recognition. Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, as well as other company offerings such as tuition reimbursement, paid parental leave, and employee assistance programs.