- Location: Santa Ana, CA
- Job Type: Right to Hire
- Ref No: 21-04924
- Date: September 01, 2021
Job Description - Security Engineer
6 to 8 Month Contract to Hire
Remote to Start
Santa Ana, CA
In your new role of Senior Security Vulnerability Engineer, you will be responsible for providing operational security solutions that would enable the success of IT and business initiatives. As a Senior Security Engineer, you will interface with IT Groups across the company, client managers, business customers, third-parties, vendors, and auditors.
You’ll co-design (along with the Security Architect) and operationalize security solutions that can be effectively delegated to Security Analysts or other support/operations functions. The scope of Security Engineers extends across technical and administrative controls that enable the protection and availability of business and IT systems.
- Essential Functions Providing technical engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement Investigates, recommends, evaluates, deploys and integrates security tools and techniques to improve our ability to protect corporate assets and infrastructure.
- Participate in technical risk assessments and security exposure analyses of systems, networks and business applications
- Evaluate and implement security devices such as firewalls, IDS, IPS, threat correlation tools, vulnerability management tools, encryption capabilities, etc.
- Analyzes network elements and designs to ensure secure and optimal system and network performance and cost effectiveness.
- Oversees the purchase, installation, and support of security devices.
- Responsible for assessing and managing information security risks to pre-existing current systems.
- Assists in the planning of large scale systems projects through vendor comparison and cost studies.
- Monitors, reports and resolves all security related problems and discrepancies. Participates as a member of the Information Security Incident Response Team.
- Interacts with internal and external clients on security requirements, identifies security process and develops strategies/solutions to security issues while maintaining tight security discipline.
- Develops test plan and implements rigorous testing prior to rollout of new systems into the production environment.
- Participates in Cyber Security Incident investigations
- Engineering Lead for Vulnerability Detection and Threat Management lifecycle, with focus on Qualys, Nessus and/or Tanium
- Must have solid hands on experience with multiple Qualys modules, including Asset Inventory, Vulnerability Management, Policy Compliance, File Integrity Monitoring, Container Security, etc Candidate will evaluate and design innovative solutions and architecture with a special focus on Engineering of Vulnerability Detection and Threat Management Life Cycle Keep up to date on new Cyber Security trends and threats.
- Advise on issues and recommend proactive measures.
- Participate on project working teams that introduce new capabilities and technologies to ensure that vulnerability and hardening exposure is managed.
- Experience in implementing Information Security technologies and/or processes required. Experience in product evaluation and managing vendor relationships required. Experience in defining Information Security strategy and integrating security technologies into corporate frameworks.
- Note that in this role, you must have hands on working knowledge of UNIX/AIX, Microsoft NT/2000, firewall multi-layer design and implementation, router access list/packet filtering (CISCO), WANs, LANs, the Internet, Intranets, network protocols and network services (i.e., telnet, ftp, etc.), Intrusion detection systems, Virtual Private Network (VPN), two factor authentication.
- Experience with Azure/AWS automated vulnerability scanning using scanners and agents.