Security Engineer

Overview

Job ID# 10281 – Posted 7/05/2023 – Alhambra, CA

Position Description: Security Engineer serves as the security engineer of complex technology implementations in a product-centric environment; is comfortable with bridging the gap between legacy development or operations teams and working toward a shared culture and vision; works to ensure developers create the most secure systems while enhancing the privacy of all system users; and has experience with white-hat hacking and fundamental computer science concepts. The Security Engineer will perform security audits, risk analysis, application-level vulnerability testing, and security code reviews; develop and implement technical solutions to help mitigate security vulnerabilities; and conduct research to identify new attack vectors.

Responsibilities

• Perform security audits, risk analysis, application-level vulnerability testing, and security code reviews.
• Develop and implement technical solutions to mitigate security vulnerabilities.
• Conduct research to identify new attack vectors and stay current with security best practices.
• Collaborate with product, engineering, and operations teams to promote secure-by-design development and privacy protections for all users.

Requirements

Skills Required: Security Engineers will possess knowledge and experience in safeguarding sensitive data from cyber-attacks.

Experience Required: This classification must have a minimum of ten (10) years of experience with developing and implementing technical solutions to help mitigate security vulnerabilities.

Experience Preferred

• Four (4) or more years of recent, full-time, highly responsible paid experience managing the security of multiple platforms, operating systems, software and network protocols for a large IT organization.
• Demonstrated skills in Industrial Control System (ICS), SCADA, security architecture, IT Security, networking, or systems administration with an emphasis on security.
• Experience in risk management, auditing, assessment, industry security framework, and/or internal controls.
• Proven knowledge of security architecture design, network security, vulnerability management, and threat intelligence/analysis.
• Experience in security, operations, control assessment, risk management, auditing, and/or internal controls.
• Experience with security and privacy legal and regulatory requirements.
• Knowledge of information security management frameworks such as NIST, CIS, ISO 27001, COBIT, or PCI DSS.
• Experience performing information security risk assessments and risk analysis.
• Strong understanding of encryption.
• Strong understanding of networking concepts and protocols (e.g. TCP/IP, LAN, WAN, DHCP, DNS, Routing Protocols, etc.).
• Expert-level knowledge of security systems such as SIEM (Microsoft Sentinel), IPS, Firewalls, and related network security tools.
• Operating Systems: Windows, Unix, Mac.
• Databases: SQL, Azure, Oracle.

Education

This classification requires the possession of a bachelor’s degree in an IT-related or Engineering field.

Certifications / Training

One (1) or more industry recognized Certifications in Security:

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• GIAC (Global Information Assurance Certification)

Additional Information

4/40 work schedule.

Apply Now

Please send your resume and any additional information to our recruitment team at recruitment@nexlogica.com

Nexlogica reserves the right to contact only selected candidates.