Location: San Luis Obispo, California
Duration: Permanent Role
Duration: Permanent Role
Position: Lead Information Security Engineer
Our client is looking for a Lead Information Security Engineer out of San Luis Obispo, California. The candidate would have the opportunity to join a team and enjoyable place to work with competitive benefits, a healthy work/life balance, and a friendly, casual culture.
How You'll Contribute
- Analyzing, troubleshooting, and investigating security-related, system issues on security platform reporting, network traffic, log files, host-based and automated security alerts.
- Maintaining, configuring, and analyzing network and host-based security platforms.
- Identify security issues and risks, and develop mitigation plans.
- Implement, support, and evaluate security-focused tools and services including project leadership roles.
- Mentor junior members of the team.
- Participate in security compliance efforts (e.g., PCI, DSS, SOX)
- Acquisition and vendor risk assessment due diligence.
- Evaluate and recommend new and emerging security products and technologies.
- Participate in tier 2 and tier 3 security operations support.
- Participate in incident handling.
- Participate in projects that develop new intellectual property.
- Evangelize security within Company and be an advocate for customer trust.
- Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
- Provide reoccurring reports for network and host-based security solutions.
- Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
- Provide off-hours support on an infrequent, but as needed basis.
- Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment.
- Evaluate documented resolutions and analyze trends for ways to prevent future problems.
- Research and recommend innovative, and where possible, automated approaches for system administration tasks.
- Identify approaches to solutions that leverage our resources and provide economies of scale.
- Keep current with the latest technologies.
What You'll Bring
- A minimum of 3-5 years IT experience; at least three of those years focused on IT security, infrastructure or application level vulnerability testing and auditing, and/or network security.
- Experience with some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems.
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
- Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving.
- Strong understanding of enterprise, network, system and application level security issues.
- Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
- Understanding of the system hardening processes, tools, guidelines and benchmarks.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security - Basic knowledge of Linux, Windows, OSX systems
- Knowledge of Networking fundamentals.
- Working knowledge of a range of diagnostic utilities.
- Exceptional written and oral communication skills.
- Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills.
- Strong documentation skills.
- Experience integrating Windows services with Unix/Linux environments is strongly desired.
- Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.
- Network and Security related certifications highly desired.
- Ability to conduct research into a wide range of computing issues as required.
- Ability to absorb and retain information quickly.
- Ability to present ideas in user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Exceptional customer service orientation.
- Experience working in a team-oriented, collaborative environment.
- Have a strong desire to learn continually and grow professionally.
What We Offer
This is an exciting time in our history. With investments in our people, technology and new business markets, we are redefining the role and purpose of a credit bureau. We are acquiring new businesses, launching new products, and expanding our services to businesses and consumers worldwide.
The future has never looked brighter for our associates. We work hard to offer our team members meaningful work experiences to promote professional growth, and to provide an enjoyable place to work with competitive benefits, a healthy work/life balance, and a friendly, casual culture.