Currently, we are looking for talented resources for one of our listed clients. If interested please reply to me with your updated resume or feel free to reach out to me for more details at .Title: Information Security Engineer Location: San Jose, CA Duration: Full time Job Description:The candidate will work as a member of the Corporate Security Team and assist in various day to day operational activities such as:
- Drive customer's Corporate Security Program based on the NIST CSF Identify, Detect, Protect, Respond and Recover
- Develops, publishes, and maintains comprehensive organization-wide information privacy and security plans, policies, procedures, and guidelines.
- Lead the development, implementation, and maintenance of security policies, standards, and guidelines.
- Identify and Monitor customer's Corporate Networks to determine if there have been any attacks. Analyze network traffic to identify anomalies and test information security controls for weaknesses.
- Design and implement safeguards to protect the system with the help of network engineers and other members of the Technology Services team.
- Respond to threats by taking mitigating actions to contain the activity and minimize damage. Participate in risk assessments and breach readiness exercises for incident management.
- Facilitate forensics analysis to determine the source of the threat. Document lessons learned as well as identify process improvements.
- Communicate security issues to management via reports, dashboards. Provide weekly metrics on overall security posture.
- Research emerging threats and work with the Security Operations Center (SOC).
- Drive the Third-party vendor security evaluation.
- Participate in the security toll-gates on SSDLC projects.
- Implement innovative solutions to scale the program with an emphasis on automation where applicable.
- Bachelor's Degree in Business, Computer Science or in a STEM major (Science, Technology, Engineering, or Math).
- Minimum of 8 years of experience in Information Security
- Experience of Security Incident and Event Management (SIEM) tools (Splunk).
- Experience in Endpoint security Detection and Response
- Experience in system and network security.
- Experience in continuous security infrastructure monitoring tools like Qualys.
- Previous enterprise or platform/cloud vulnerability management experience and Cloud Security.
- Experience driving PCI compliance and GDPR programs is a plus
- Knowledge of software development, computer networks and Internet threat activity.
- Excellent written and verbal communication skills, including experience engaging with executive and technical audiences.
- Programming experience in Python, Perl, and HTML/JS
- Must be able to work in a fast-paced, high profile environment.
- A Bachelor's degree in Engineering