Vacancy expired!
Our client is investing in bright, agile and diverse new talent to ensure we continue to innovate and strengthen relationships with our policyholders. That's why we're actively seeking an Information Security Engineer to join our team and take part in our people-first culture.As a Information Security Engineer, you will play a key role in Pacific Life's growth and long-term success by supporting the RSD Division Information Security Team, with a focus on Cloud Security, DevOps, CI/CD, Vulnerabilities Management, Application Security. While reporting to the RSD Information Security Practice Team Manager, you will be responsible for the security of on-premise and cloud based Applications, Infrastructure, Data and other IT assets.
ResponsibilitiesWork with divisional Applications Teams and various enterprise IT teams to ensure projects and initiatives meet or exceed company information security standards.Partner with Enterprise Information Security team to support information security requirements and best practices at division level.Support Enterprise Vulnerability Management Program including vulnerability scans, remediation and monthly KRIs.Partner with Enterprise Security and AppDev teams to help conduct static and dynamic code checks, penetration tests, security assessments, application security testing, and configuration management of applications and IT assets.Respond in timely manner to security alerts, development of service processes and procedures, and administration/operation of security tooling.Factors for Success5-8 years of experience in Information Security.Strong technical skills experience Linux and Windows operating systems.Scripting experience in Python and Powershell.Hands-on Experience with Terraform/CloudFormation.Experience with DevOps and CI/CD pipelines security.SAST/DAST static and dynamic code check.Securing VPCs, VPC Peering, VPC Endpoints, TGW, Private Link, Direct Connect and other native AWS services.Experience with Containers, Containers Security, Serverless Computing/Microservices/APIs security is a plus.Knowledge of CIS, NIST frameworks and OWASP Top 10.Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is nice to have.Good understanding of Ansible/Chef configuration management. Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is a plus.AWS Security, AWS DevOps certificationDemonstratable experience writing clear and legible process documentation and Strong communication skills.TECHNICAL SKILLS (Must Have)AWS Cloud SecurityAzure DevOpsCI/CDDynamic code testingLinuxLinux securityPythonScriptingStatic Application Security TestingTerraForm/CloudFormationNice To Have:Ansiblecontainers securityServerless Computing/Microservices/APIs securityWe are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. Requirements: Our client is investing in bright, agile and diverse new talent to ensure we continue to innovate and strengthen relationships with our policyholders. That`s why we`re actively seeking an Information Security Engineer to join our team and take part in our people-first culture.As a Information Security Engineer, you will play a key role in Pacific Lifes growth and long-term success by supporting the RSD Division Information Security Team, with a focus on Cloud Security, DevOps, CI/CD, Vulnerabilities Management, Application Security. While reporting to the RSD Information Security Practice Team Manager, you will be responsible for the security of on-premise and cloud based Applications, Infrastructure, Data and other IT assets.ResponsibilitiesWork with divisional Applications Teams and various enterprise IT teams to ensure projects and initiatives meet or exceed company information security standards.Partner with Enterprise Information Security team to support information security requirements and best practices at division level.Support Enterprise Vulnerability Management Program including vulnerability scans, remediation and monthly KRIs.Partner with Enterprise Security and AppDev teams to help conduct static and dynamic code checks, penetration tests, security assessments, application security testing, and configuration management of applications and IT assets.Respond in timely manner to security alerts, development of service processes and procedures, and administration/operation of security tooling.Factors for Success5-8 years of experience in Information Security.Strong technical skills experience Linux and Windows operating systems.Scripting experience in Python and Powershell.Hands-on Experience with Terraform/CloudFormation.Experience with DevOps and CI/CD pipelines security.SAST /DAST static and dynamic code check.Securing VPCs, VPC Peering, VPC Endpoints, TGW, Private Link, Direct Connect and other native AWS services.Experience with Containers, Containers Security, Serverless Computing/Microservices/APIs security is a plus.Knowledge of CIS, NIST frameworks and OWASP Top 10.Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is nice to have.Good understanding of Ansible/Chef configuration management. Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is a plus.AWS Security, AWS DevOps certificationDemonstratable experience writing clear and legible process documentation and Strong communication skills.TECHNICAL SKILLS (Must Have)AWS cloud securityAzure DevOpsCI/CDdynamic code testingLinuxlinux securitypythonscriptingStatic Application Security TestingTerraForm/CloudFormationNice To HaveAnsiblecontainers securityServerless Computing/Microservices/APIs securityVacancy expired!