21 Apr
Fulltime Job Opportunity: Senior Information Security Engineer/Architect - Redwood City, CA
California, Redwoodcity , 94061 Redwoodcity USA

Vacancy expired!

Reach out to Saurabh 669, 770, 3609; saurabh [at] triuneinfomatics.com Position: Senior Information Security Engineer

Location: Redwood City, CA

Job Type: FULL-TIME Client is Software as a Service (SaaS) medical device company. They are looking for a

Senior Information Security Engineer with significant hands-on security operations, security infrastructure design and administration experience to help continue to shape the foundation and mature cyber-defense, detection, and response capabilities.

Role & Responsibilities:
  • Serve as the overall lead and will be responsible for direct hands-on implementation and operationalization (

    developing RACIs, creating daily workflows, etc.) of new technologies and

    maintenance of existing tools and cyber-security infrastructure.
  • Work with other members of the

    Security Operations team to help drive the delivery of the security engineering, threat response, vulnerability management and blue and red team operations.
  • The ideal candidate will have proven experience with implementing, administering and operationalizing security solutions for a highly remote workforce environment.
  • This person will also work with the GRC team to

    pull evidence for cyber-security audits and will serve as an integral part of the Security Leadership team helping to lead and mature the security program.

Technical Skills:
  • Providing security architecture for solution implementations & deployment
  • Deployment of Security framework such as NIST 800-53
  • Crowdstrike or Netskope DLP implementation, Tenable Nessus etc.
  • Strong project management and hands-on solution

    implementation experience
  • In-depth knowledge of security concepts in the various security domains which include

    authentication, access control, security monitoring, security testing, intrusion detection/prevention, attacks and countermeasures, cryptography, endpoint security, network security and infrastructure, assessments and audits, organizational security
  • Ability to positively collaborate with IT and the other business unit teams to specify, architect and implement multiple types of security controls.
  • Ensure that the potential impact of engineering changes is well understood, using data to support understanding of upstream and downstream dependencies.
  • Familiarity with

    AWS security best practices (e.g. Terraform, Ansible, CloudFormation or similar.)
  • Experience deploying, maintaining, and administering security technologies including. (ie Endpoint protection, IDS, DLP, FIM, WAFs/Firewalls, SIEM, reverse proxies, etc.
  • Direct experience with maintaining and

    utilizing common commercial and open-sourced vulnerability scanning and security auditing tools (Nessus, Nexpose, OpenVAS, etc.) in both cloud (virtual machines, AWS, Azure, etc.) and conventional (endpoints, servers, etc.) environments
  • Extensive Windows, Mac OS/iOS, Linux and Unix experience

    including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies
  • Desktop, server, application, database, and network security hardening principles and practices for threat prevention
  • Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment
  • Proven ability to evaluate/apply new and emerging security technologies and solutions
  • Ability to analyze and prioritize vulnerabilities to appropriately characterize threats along with experience working as part of a patch management process and a familiarity with patching tools (i.e

    . SCCM, JAMF, KACE, etc.)
  • Strong familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes

    (CVE, CVSS, CPE).

Vacancy expired!


Related jobs

Report job