Location: San Luis Obispo, California
Duration: Permanent Role
Duration: Permanent Role
Position: Lead Information Security Engineer
Our client is looking for a Lead Information Security Engineer out of San Luis Obispo, California. The candidate would have the opportunity to join a team and enjoyable place to work with competitive benefits, a healthy work/life balance, and a friendly, casual culture.
How You'll Contribute
- Analyzing, troubleshooting, and investigating security-related, system issues on security platform reporting, network traffic, log files, host-based and automated security alerts.
- Maintaining, configuring, and analyzing network and host-based security platforms.
- Identify security issues and risks, and develop mitigation plans.
- Implement, support, and evaluate security-focused tools and services including project leadership roles.
- Mentor junior members of the team.
- Participate in security compliance efforts (e.g., PCI, DSS, SOX)
- Acquisition and vendor risk assessment due diligence.
- Evaluate and recommend new and emerging security products and technologies.
- Participate in tier 2 and tier 3 security operations support.
- Participate in incident handling.
- Participate in projects that develop new intellectual property.
- Evangelize security within Company and be an advocate for customer trust.
- Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
- Provide reoccurring reports for network and host-based security solutions.
- Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
- Provide off-hours support on an infrequent, but as needed basis.
- Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment.
- Evaluate documented resolutions and analyze trends for ways to prevent future problems.
- Research and recommend innovative, and where possible, automated approaches for system administration tasks.
- Identify approaches to solutions that leverage our resources and provide economies of scale.
- Keep current with the latest technologies.
What You'll Bring
- A minimum of 3-5 years IT experience; at least three of those years focused on IT security, infrastructure or application level vulnerability testing and auditing, and/or network security.
- Experience with some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems.
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
- Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving.
- Strong understanding of enterprise, network, system and application level security issues.
- Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
- Understanding of the system hardening processes, tools, guidelines and benchmarks.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security - Basic knowledge of Linux, Windows, OSX systems
- Knowledge of Networking fundamentals.
- Working knowledge of a range of diagnostic utilities.
- Exceptional written and oral communication skills.
- Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills.
- Strong documentation skills.
- Experience integrating Windows services with Unix/Linux environments is strongly desired.
- Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.
- Network and Security related certifications highly desired.
- Ability to conduct research into a wide range of computing issues as required.
- Ability to absorb and retain information quickly.
- Ability to present ideas in user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Exceptional customer service orientation.
- Experience working in a team-oriented, collaborative environment.
- Have a strong desire to learn continually and grow professionally.