9 days old

Enterprise Security Engineer

Santa Ana, CA 92705
  • Job Code
job summary:

The Enterprise Security Engineer is responsible for assisting with the maintenance the corporate information security program to ensure the confidentiality, integrity, and availability of company assets. The program includes: policies, standards, guidelines, and controls to manage and prevent risk to the enterprise. Responsible for technology security reviews, application and process security reviews, vulnerability assessments, monitoring of key and compensating controls, monitoring baseline configuration standards, and identifying control gaps to remediate risks and recommend/implement controls.

location: Santa Ana, California
job type: Permanent
work hours: 8 to 5
education: No Degree Required
  • Lead computer forensic analysis and work with internal investigations and outside parties to product chain of custody documentation and details of analysis.
  • Conduct and coordinate risk assessments against systems and processes to ensure appropriate controls are in place and recommend/implement controls to remediate risk findings.
  • Document information security policies, procedures, and tests.
  • Coordinate and lead the implementation of security tools and controls with Enterprise Technology Services and outside vendors.
  • Perform daily operations and monitor events from multiple sources including, but not limited to, SIEM consoles, network and host based intrusion detection systems, firewall consoles, system logs (Unix and Windows), applications, databases, and other security information monitoring tools.
  • Create and maintain documentation for procedures and process improvement.
  • Participates in the Computer Incident Response Team in the event of an incident or disaster. Assists in maintaining the CIRP and recommends updates and changes.
  • Develop network security baseline configuration standards for firewalls, routers, switches, load balancers, and related network appliances.
  • Develop computer security baseline configuration standards for servers, workstations and databases.
  • Conduct and lead internal vulnerability assessments and responses to external vulnerability assessments and penetration tests.
  • Work with external vendors for conducting application, system and process security assessments. Review the accuracy of the findings relevant to the organization.
  • Review violations of information security procedures and discuss procedures with violators to ensure violations are not repeated.
  • Identify regulatory changes that will affect data and application security policy, standards, and procedures. Monitor changes in the security industry including new vulnerabilities, viruses, intrusions, fraud scams, and best practices and tools available for system/network protection.
  • Train users and promote security awareness to ensure enterprise security.
  • Safeguard sensitive information by working with business units to determine and enforce appropriate access levels.
  • Ensures that enterprise data is securely protected from internal and external, intentional and non-intentional access, alteration, and deletion.
  • Analyze impact on, and risk to, essential business functions or information systems to identify acceptable recovery time periods and resource requirements.
  • Establish, maintain, or test call trees to ensure appropriate communication during disaster.
  • Write reports to summarize testing activities, including descriptions of goals, planning, scheduling, execution, results, analysis, conclusions, and recommendations.
  • Create or administer training and awareness presentations or materials.
  • Develop training materials.
  • Recommend or implement methods to monitor, evaluate, or enable resolution of safety, operations, or compliance interruptions.
  • Knowledge of regulations and policies pertaining to information and cyber security.
  • Knowledge of PCI DSS standards.
  • Knowledge of secure coding standards.
  • Knowledge of vulnerability assessment tools and techniques.
  • Knowledge of virtual technology: VMware, Virtualbox.
  • Strong analytical skills to analyze and solve problems.
  • Good communication skills both written and orally.
  • Must be organized and be able to communicate effectively with a wide variety of users in different locations.
  • Ability to interact with staff, members and others encountered in the course of work.
  • Ability to learn and apply new information or skills.
  • Ability to observe and interpret people and situations
  • Ability to perform highly detailed work on multiple, concurrent tasks.
  • Ability to work under intense deadlines.
  • Experience in the financial industry preferred, but not required.
  • Experience with PCI DSS standards and technology.
  • Experience with secure architecture and application design.
  • Experience with vulnerability assessment and risk assessment evaluation.
  • Experience with relevant technologies, such as centralized logging, advanced TCP networking, antivirus monitoring/prevention, malicious code prevention/remediation, intrusion detection and prevention desirable.
  • Bachelor's Degree in Computer Science, Information Security, Information Assurance or related technology field.
  • Minimum 3 years of related and relevant experience in IT security.

Relevant security certifications (at least one), such as CISSP or SANS GIAC required

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.

We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.


Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Enterprise Security Engineer

Randstad Technologies
Santa Ana, CA 92705

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast