About the job
THIS ROLE CAN BE DONE MOSTLY REMOTE W/ QUARTERLY TRAVEL (FOR UP TO 1 WEEK AT A TIME) TO PLAYA VISTA, CA BY THOSE LOCATED IN THE US / AUTHORIZED FOR WORK IN THE US. YOU WOULD BE REQUIRED TO WORK PDT / PST TIME ZONE DAILY.
Our client is looking for a Sr. Cyber Security Engineer to join our dynamic Technology team.
In this role, you will be responsible for the overall security of the organization. This encompasses end-user awareness training, utilizing user behavioral and threat-based analytics to identify issues, reviewing on-going SOX, PCI, and other regulatory compliance reqs (to implement those policies in our tools), assisting in developing policies, playbooks, etc. all while working with various business units for compliance.
What You'll Do:
Work closely with IT management to define security practices for the organization and present recommendations to both technical and non-technical team members
Work closely with the Director of IT to help define a security strategy and roadmap
Perform gap and risk assessments of our current organization and make recommendations on how to remediate
Help consolidate redundant security tools (for example: MFA / SSO is currently being done w/ both Okta & Duo, Duo will be retired)
Contribute to monitoring (SIEM), MDM, end point management, vulnerability detection, etc.
Help fix / improve patch management (currently our servers aren't all automatically being patched)
Understand and explain the underlying techniques that hackers use to exploit and penetrate systems
Maintain a strong technical background to help remedy any vulnerabilities in the organization
Ongoing SOX and PCI compliance and familiarization with the processes
Work closely with security vendors, regularly review logs, UBA, and other security tools and respond accordingly
Map security findings to business impact and communicate security messaging effectively across all business units and to the leadership team
Work closely with Software Engineering and BI teams to ensure our AWS infrastructure is secure
You'll love this job if you are:
A strong communicator and collaborator. From elevator chats to boardroom meetings, you always know the best way to communicate with others to forge effective connections.
Dedicated and fast-moving. You're known to operate with passion, urgency, focus, and discipline
A talented juggler. You successfully manage competing priorities, and you make it look easy
Results oriented and a self-starter. You love to exceed set goals and take on new projects
The definition of integrity. You represent and inspire the highest ethical standards.
Adaptable and ambitious. You will enthusiastically take on other assignments as needed to support your team!
What You'll Need:
Bachelor's degree is a plus
Relevant certifications are a plus.
5+ years of Cyber Security engineering experience that includes:
Experience hardening systems, specifically cloud-heavy environments ideally w/ AWS
Familiarity with cloud computing technology and various means to secure them.
Ideally working in an environment that is 50% or more cloud-based leveraging cloud for IaaS (we are almost 100% in the cloud w/ AWS)
Ideally in the context of securing workloads / servers in the cloud
Knowledge of different attack vectors and methods helpful
Experience analyzing an exploited system and remediating accordingly
Experience monitoring threat actor tactics, techniques and procedures (TTPs) helpful.
Implementation/configuration of as many of the following tools as possible (as our environment is a bit of a fixer upper requiring tool re-implementation, implementation, migration/consolidation)
AWS security (any tools w/in that context are a plus)
Windows / Linux servers, including Linux command line for AWS security
Splunk for SIEM (including regex)
Netskope for CASB (including Curl / Boto / Python)
Crowdstrike or a comparable tool for threat hunting / end point mgmt (must be able to learn/ramp up w/ Crowdstrike quickly if you don't have it)
Proofpoint or a comparable tool for email / phishing / DLP (must be able to learn/ramp up w/ Proofpoint quickly if you don't have it)
Tenable or a comparable tool for vulnerability mgmt (must be able to learn/ramp up w/ Tenable quickly if you don't have it)
Any SSO / MFA (Okta / Duo preferred)
Any MDM tool (VMware Workspace One preferred)
AD / Azure AD
Former infrastructure administration / engineering in any of the following is helpful
Solid experience w/ OS (Mac, Windows, Linux)
Network devices like firewalls a big plus (especially cloud-based)
Virtualization (VMware and/or Hyper-V welcome)
WAF - web application firewalls a big plus
We have a dedicated IT team you will work w/ (in the context of hardening our environment)
Good business sense to logically think through problems and deliver a balanced approach to security