Job description

JOB TITLE: Senior Security Engineer

JOB NO:

FUNC: CORP IT

ORGANIZATIONAL ALIGNMENT: Information Technology

Human Resources Approval/Date:

Functional Executive(s) Approval/Date:

LOCATION: Irvine, CA

JOB SUMMARY

The Senior Security Engineer for Golden State will leverage processes and technology to ensure the organization’s systems and data are secure. Acting as a key cybersecurity stakeholder, the security engineer will devise and manage a security roadmap that maintains and strengthens the company's security posture. This is a hands-on role that requires active participation in assessing and remediating security vulnerabilities and managing security incidents. Success in this role requires an individual who is organized, assertive, resourceful and an excellent communicator.

ESSENTIAL FUNCTIONS

(% of time may vary depending on assignments/projects)

• Cybersecurity Operations
• Execute cybersecurity processes, procedures, and policies
• Lead and/or participate in cybersecurity investigations. Work with other team members to find and validate indicators of compromise.
• Participate in threat hunting activities using tools and data available; make recommendations to enrich data sources for more accurate correlation
• Work with other team members to remediate security threats and compromises
• Work with other team members to identify root cause of security incidents and formulate preventative action plans
• Monitors and assesses the company’s security landscape on a continual basis. Prioritizes urgent security patches and remediations as needed.
• Leverage vulnerability scanning tools to ensure security patches have been properly applied.
• Promote awareness. Draft regular cybersecurity bulletins and tips to the end-user community. Conduct training sessions.
• Partner with and manage security service providers
• Lead and/or participate in regular security team meetings; prepare status reports

60%

• Production Support
• Support and maintain the cybersecurity platform (vulnerability management, web proxies, endpoint and email protection, SIEM, privileged account management, etc...)
• Process requests related to security tools (e.g. firewall exceptions, web usage reports)
• Perform and/or coordinate patches and upgrades to these systems as needed
• Address any security questions from internal and external audits and examinations.
• Perform security and risk assessments on potential affiliates, technology solutions and service providers

25%

• Security Roadmap
• Continuously assess the organizations security posture, report findings and make recommendations
• Stay up-to-date on cybersecurity best practices, trends and technologies.
• Evaluate additional security products and services as needed

15%

TRAVEL EXPECTATIONS

• Regular travel requirements (None)

MINIMUM QUALIFICATIONS

Education/Certification

• Four-year college preferred or commensurate work experience.
• Certified Information Systems Security Professional (CISSP), or related certification.

Experience

• 7+ years experience as a cybersecurity analyst/engineer
• Previous experience as a client/server or infrastructure engineer
• 2+ years conducting IT compliance exercises (system access audits, penetration tests, change management audits)
• Experience developing corporate cybersecurity policies and procedures

ESSENTIAL KNOWLEDGE, SKILLS AND ABILITIES

Expert

• Antivirus/Malware Software (SentinelOne, CrowdStrike)
• Cybersecurity Frameworks (NIST, ISO 27000)
• Security Incident Response Frameworks
• Vulnerability Scanning and Management tools (e.g. Tenable, Rapid7)
• Email Protection (Mimecast, ProofPoint)

Proficient

• PowerShell, BASH
• IPS/IDS Technology
• Web Gateways
• SIEM Technologies (i.e. Exabeam, Splunk)
• Networking Concepts
• Client and Servers Operating Systems (e.g. Windows, Linux)
• Active Directory & Azure AD
• Microsoft 365
• Cloud Firewall (Zscaler)
• MFA/2FA
• SSO (SAML, OAUTH)

Basic

• Web Services
• ServiceNow
• Agile Methodology
• Patching Tools (SCCM)
• Enterprise Architecture
• Backup Technologies (i.e. Veeam, Cohesity, CommVault)
• PCI Compliance
• Privileged Access Management (i.e. Thycotic, CyberArk)
• Apple iOS
• ITIL
• Database Technologies (SQL, Oracle)

C

Benefit Conditions:

• Only full-time employees eligible

COVID-19 Precaution(s):

• Remote interview process
• Personal protective equipment provided or required
• Social distancing guidelines in place
• Virtual meetings
• Sanitizing, disinfecting, or cleaning procedures in place

Job Type: Full-time

Pay: $130,000.00 - $140,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Vision insurance

Compensation package:

• Bonus pay
• Yearly pay

Experience level:

• 7 years

Schedule:

• 8 hour shift

Education:

• Bachelor's (Preferred)

Experience:

• Compliance policy maker: 4 years (Preferred)
• Cybersecurity: 7 years (Required)

Work Location: Hybrid remote in Irvine, CA 92612

seankuhnke.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, seankuhnke.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, seankuhnke.com is the ideal place to find your next job.