Principal Cybersecurity Auditor (Hybrid)

Sempra: Where opportunity powers impact

At Sempra, we tackle the biggest energy challenges that face our industry. Our high-performing team leverages the full capabilities of our organization to serve 40 million consumers across North America. By collaborating and challenging one another across multiple disciplines, we inspire our best work, ideas and innovation. From increasing liquified natural gas (LNG) capacities to reducing carbon emissions to helping people prepare for the realities of climate change, we are committed to building a better energy future for all.

Primary Purpose

Plan and oversee all phases of cybersecurity audit engagements. Perform internal audit controls testing and documentation, working paper review and sign-off, report writing, and follow-up of previously reported management corrective actions. Provide cybersecurity audit advisory and consultancy to internal technology and non-technology business partners. Focus on cybersecurity audit engagements but may include an occasional non-cybersecurity audit. Involvement in developing the annual audit plan and participation in ad-hoc projects. Lead teams of generally one to four people on audit engagements - potentially including contract and co-source staff. The role is purely an internal audit function (e.g., not cybersecurity engineering, security operations, or network infrastructure implementation). Audit Services operates in conformance with the Institute of Internal Auditors' Global Audit Standards for the Professional Practice of Internal Auditing.

Duties and Responsibilities

• Performs audit controls testing, advisory, and consultancy work, documentation and report writing.
• Oversees audit, advisory and consultancy engagements.
• Ensures previously reported management corrective actions are fulfilled.
• Performs other duties as assigned (no more than 5% of duties).