Tuesday, June 20, 2017

Lead Information Security Engineer

Location: San Luis Obispo, California

Duration: Permanent Role
Position: Lead Information Security Engineer
Job Description:       
Our client is looking for a Lead Information Security Engineer out of San Luis Obispo, California. The candidate would have the opportunity to join a team and enjoyable place to work with competitive benefits, a healthy work/life balance, and a friendly, casual culture.

How You'll Contribute
  • Analyzing, troubleshooting, and investigating security-related, system issues on security platform reporting, network traffic, log files, host-based and automated security alerts.
  • Maintaining, configuring, and analyzing network and host-based security platforms.
  • Identify security issues and risks, and develop mitigation plans.
  • Implement, support, and evaluate security-focused tools and services including project leadership roles.
  • Mentor junior members of the team.
  • Participate in security compliance efforts (e.g., PCI, DSS, SOX)
  • Acquisition and vendor risk assessment due diligence.
  • Evaluate and recommend new and emerging security products and technologies.
  • Participate in tier 2 and tier 3 security operations support.
  • Participate in incident handling.
  • Participate in projects that develop new intellectual property.
  • Evangelize security within Company and be an advocate for customer trust.
  • Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
  • Provide reoccurring reports for network and host-based security solutions.
  • Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
  • Provide off-hours support on an infrequent, but as needed basis.
  • Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment.
Strategy&Planning:
  • Evaluate documented resolutions and analyze trends for ways to prevent future problems.
  • Research and recommend innovative, and where possible, automated approaches for system administration tasks.
  • Identify approaches to solutions that leverage our resources and provide economies of scale.
  • Keep current with the latest technologies.
What You'll Bring
  • A minimum of 3-5 years IT experience; at least three of those years focused on IT security, infrastructure or application level vulnerability testing and auditing, and/or network security.
  • Experience with some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems.
  • Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
  • Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving.
  • Strong understanding of enterprise, network, system and application level security issues.
  • Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Understanding of the system hardening processes, tools, guidelines and benchmarks.
  • Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security - Basic knowledge of Linux, Windows, OSX systems
  • Knowledge of Networking fundamentals.
  • Working knowledge of a range of diagnostic utilities.
  • Exceptional written and oral communication skills.
  • Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills.
  • Strong documentation skills.
  • Experience integrating Windows services with Unix/Linux environments is strongly desired.
  • Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.
  • Network and Security related certifications highly desired.
Other skills:
  • Ability to conduct research into a wide range of computing issues as required. 
  • Ability to absorb and retain information quickly.
  • Ability to present ideas in user-friendly language.
  • Highly self-motivated and directed.
  • Keen attention to detail.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Exceptional customer service orientation.
  • Experience working in a team-oriented, collaborative environment.
  • Have a strong desire to learn continually and grow professionally.

Adam Kemp