Senior Information Security Engineer--Leading Public Company

CyberCoders

(Los Angeles, California)
Full Time
Job Posting Details
About CyberCoders
CyberCoders, a division of On Assignment, is a leading permanent placement recruiting firm. Through our innovative technology and efficient recruiters, CyberCoders helps find the right candidate for the right job.
Summary
We are an established, public company with 4,000 employees in over 30 countries. Our company is at the forefront of the leadership development, enterprise learning, and succession planning industries. You will have the chance to work on exciting projects with a talented team.
Responsibilities
* Under the direction of the Information Security Officer, develop strategies and plans to achieve security requirements and address identified risks. * Assist in the development of security architecture and security policies, principles and standards. * Gather, analyze and assess the current and future threat landscape, and assist the Information Security Officer in providing leadership with a realistic overview of risks and threats in the enterprise environment. * Work with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. * Support Information Security Officer to identify information asset owners and to classify data and systems as part of a control framework implementation. * Monitor and report on compliance with security policies, as well as the enforcement of policies within ITG. * Perform security testing and vulnerability assessments to identify security strengths and weaknesses, to assess the effectiveness of existing controls, and to recommend remedial action. * Provide/coordinate security and privacy communication, awareness and training for audiences which may include senior leaders, ITG staff, field employees, contractors, alliances, and other third parties. * Perform incident management and response activities as a member of the firm’s incident management team. As required, assist in triage, response and mitigation, post mortem analyses, and forensic analyses. * Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program. * Provide support and guidance for legal and regulatory compliance efforts, including audit support, and assist with the resolution of negative audit findings as reported by internal or external auditors. * Play an advisory role in the application development lifecycle to assess security requirements and controls and to ensure that security controls are implemented as planned. * Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. * Under the direction of the Information Security Officer, perform research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment. * Provide technical and managerial expertise for the administration of security tools. * Develop a strong working relationship with the corporate and brand infrastructure teams to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements. * Review audit trails, system logs and other monitoring data sources regularly and ensure they are in compliance with policies and audit requirements. * Participate in Disaster Recovery (DR) planning and in Business Continuity (BC) planning as a member of the DR and BC teams.
Ideal Candidate
* Education: An undergraduate degree is desired, preferably engineering related. * Technical certifications are a plus - CISSP Certification is preferred. * 5-15 years of IT or network security experience, especially working with security monitoring tools such as ArcSight, TippingPoint, WebSense DLP, ForeScout Counteract, Bit9 and others. * In-depth knowledge of risk assessment methods and technologies * Proficient use of various tools and techniques, including risk, business impact, control and vulnerability assessments, used to identify business needs and determine control requirements. * Excellent technical knowledge of Microsoft Windows operating systems and a wide range of security technologies, such as network security appliances, identity and access management systems, anti-malware solutions, automated policy compliance, logging and filtering tools, and desktop security solutions. * Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts. * Experience in system and application technology security testing, including static and dynamic code review, vulnerability scanning and penetration testing. * Experience with IDS/IPS/SIEM and related security tools and technologies, such as Tipping Point, SolarWinds and ArcSight and RSA. * Familiarity with router and firewall operations and maintenance. * Safe Harbor and SOX experience preferred.
Compensation and Working Conditions
Benefits Benefits included

Additional Notes on Compensation

Competitive base salary between $120-150k (depending on experience).

Questions

Answered by on
This question has not been answered
Answered by on

There are no answered questions, sign up or login to ask a question

Want to see jobs that are matched to you?

DreamHire recommends you jobs that fit your
skills, experiences, career goals, and more.