21 Apr
Fulltime Job Opportunity: Senior Information Security Engineer/Architect - Redwood City, CA
Vacancy expired!
- Serve as the overall lead and will be responsible for direct hands-on implementation and operationalization (developing RACIs, creating daily workflows, etc.) of new technologies and maintenance of existing tools and cyber-security infrastructure.
- Work with other members of the Security Operations team to help drive the delivery of the security engineering, threat response, vulnerability management and blue and red team operations.
- The ideal candidate will have proven experience with implementing, administering and operationalizing security solutions for a highly remote workforce environment.
- This person will also work with the GRC team to pull evidence for cyber-security audits and will serve as an integral part of the Security Leadership team helping to lead and mature the security program.
- Providing security architecture for solution implementations & deployment
- Deployment of Security framework such as NIST 800-53
- Crowdstrike or Netskope DLP implementation, Tenable Nessus etc.
- Strong project management and hands-on solution implementation experience
- In-depth knowledge of security concepts in the various security domains which include authentication, access control, security monitoring, security testing, intrusion detection/prevention, attacks and countermeasures, cryptography, endpoint security, network security and infrastructure, assessments and audits, organizational security
- Ability to positively collaborate with IT and the other business unit teams to specify, architect and implement multiple types of security controls.
- Ensure that the potential impact of engineering changes is well understood, using data to support understanding of upstream and downstream dependencies.
- Familiarity with AWS security best practices (e.g. Terraform, Ansible, CloudFormation or similar.)
- Experience deploying, maintaining, and administering security technologies including. (ie Endpoint protection, IDS, DLP, FIM, WAFs/Firewalls, SIEM, reverse proxies, etc.
- Direct experience with maintaining and utilizing common commercial and open-sourced vulnerability scanning and security auditing tools (Nessus, Nexpose, OpenVAS, etc.) in both cloud (virtual machines, AWS, Azure, etc.) and conventional (endpoints, servers, etc.) environments
- Extensive Windows, Mac OS/iOS, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies
- Desktop, server, application, database, and network security hardening principles and practices for threat prevention
- Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment
- Proven ability to evaluate/apply new and emerging security technologies and solutions
- Ability to analyze and prioritize vulnerabilities to appropriately characterize threats along with experience working as part of a patch management process and a familiarity with patching tools (i.e. SCCM, JAMF, KACE, etc.)
- Strong familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
Vacancy expired!