Information Security Engineer Two Openings! Remote to Start

San Mateo, CA

Excellent Salary, Benefits and Team!

OPTION 1 Staffing is currently recruiting for two Information Security Engineers who have a healthcare background and experience with Information Security tools, incident response, SNOW, Vulnerability Management, threat detection/hunting and SOC/SIEM. These roles includes engineering secure password management solutions for instance or engineer endpoint and mobile security or audit application security code review. Log Analysis experience is appropriate.

Must be able to demonstrate knowledge and experience with vulnerability management and DLP tools

Tools critical to Information Security Engineers:

• Vulnerability Management
• Server Anti-Virus/Incident Response
• Network monitoring tools
• Broad knowledge of what Security OPS is about (SOC/SIEM, IR, Security Design/Review, Monitoring)
• Server level knowledge and experience

Information Security Engineers

Reporting to the Director, Information Security Operations, the Information Security Engineers are responsible for maintaining the high availability, configuration/efficiency and implementation of information security tools, systems and services. Works in conjunction with the Security Operations Center to identify and respond to threats. Works on highly complex projects that require an in-depth understanding of multiple domain knowledge (security, networking, cloud, etc.). This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.

Essential Functions

SECURITY ENGINEERING

· Collaborates across the company to guide the direction of mobile security, working with hardware, software, research and product teams

· Researches, designs, and develops architecture solutions meeting internal and external security requirements and standards

· Drives defense-in-depth security for the organization to protect critical IT assets and data

· Works extensively in networking products/technologies such as: routing and routing protocols, L2/L3 switching, Next Gen firewalls, IPS/IDS, Remote Access, VPN, SIEM, IAM, Encryption, VDI, and Mobile security

· Works with customers, partners to identify and address security issues and threats

· Evangelizes security across the engineering team and other business departments

· Assesses risks proactively and expresses concerns to engineering and operations teams

· Develops and executes security processes, policies, and procedures in collaboration with Manager

THREAT RESPONSE

· Identifies, troubleshoots, and resolves vulnerabilities

· Participates in incident response and management as required 24×7

· Completes assessments and coordinates responses to threats/attacks to the technology infrastructure and supported applications/systems
· Responsible for Desktop, server, application, database, and network security principles for threat identification and analysis

· Participates in multiple Projects and manages large projects as required

· Serves as an information security subject matter expert

Minimum Qualifications

Any combination of education and experience that would likely provide the required knowledge, skills and abilities as well as possession of any required licenses or certifications is qualifying.

· Education: BA or BS in Computer Science, Management Information Systems, or related field, from an accredited college or university or equivalent experience

· Experience: Five (5) or more years of security engineering, design, and implementation experience

· License/Certification: None required

Knowledge, Skills, and Abilities

· Advanced knowledge of the threat landscape and threat intelligence methodologies

· Demonstrated ability to make decisions on remediation and counter measures

· Thorough understanding of network defense technologies, TCP/IP networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing

· Working knowledge of global threats to cyber security and understanding of the tools and tactics utilized by threat actors

· Experience with a scripting language (Perl, Python, or other) in an incident response environment

· Extensive Windows, Mac, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, web browser forensics and file carving

· Ability to deliver succinct and fact-based communications, both verbally and in writing

· Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner

· Ability to use independent judgment to make sound, justifiable decisions and act to resolve problems

· Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product

· Strong analytical and problem-solving skills are required. Excellent communication (oral, written, presentation), interpersonal and consultative skills will be needed in order to succeed

· Good communication skills and ability to present to diverse audiences of varying organizational levels

· Ability to work in a collaborative, team environment

· Knowledge of local, state and federal regulatory requirements related to areas of functional responsibility

· Ability to work in a team or independently

Additional Information

· Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g. HIPPA, PCI, DSS, etc.)

· CISSP desired or willingness to earn CISSP paid for by company

· Excellent project planning/ time management skills

For immediate consideration, please apply!