Vacancy expired!
Security Engineer - Livermore, CA Contract to Hire Summary: The Security Engineer is responsible for contributing to the establishment and maintenance of information security tools, processes, policies, controls, and best practices necessary to effectively prevent, detect, respond to, and recover from security threats in internal, SaaS and networked environments. All service components (infrastructure, platforms, software, hardware, and network connectivity) must be configured and operated in a secure manner with an emphasis on ensuring service integrity and data protection/privacy. This role is responsible for working with all internal stakeholders that include IT and Engineering/Development teams to maintain compliance to security controls and policies and to achieve an outstanding level of security in internal infrastructure and SaaS products/environments throughout their lifecycle. Responsibilities:
- Identifying and completing projects to research, acquire, test, and deploy innovative tools and services relevant to securing On-Prem Cloud technology environments and applications.
- Defining and implementing relevant security policies and controls and ensuring proper compliance; Implementing and maintaining effective Identity and Access management structures.
- Ongoing vulnerability management in partnership with IT, development and operations teams.
- Managing cryptography and encryption of data; Coordinating and conducting penetration tests.
- Providing security recommendations related to microservices and secure application design,
- Assisting in achieving and maintaining industry security audit certifications (ISO, SOC2, HIPAA).
- Establishing and maintaining appropriate security logging, event correlation and threat detection mechanisms.
- Performing threat analysis, forensics, and remediation in response to security incidents.
- Bachelor's degree in Computer Science, Engineering, Information Security, or similar technical curriculum is required.
- Minimum 2-4 years of prior experience in an Information Security role, with at least 1 year of direct hands-on experience securing cloud environments is expected.
- Must have hands on experience working with virtualization technologies (cloud or non-cloud).
- Prior hands-on use of common security tools, systems and services, including firewalls, logging and SIEM, vulnerability scanning, penetration testing, Host and Network IDS, etc.
- Prior programming experience in application development, CI/CD functions & automation scripting (e.g., Ansible, Chef, Salt, Python, SOAR) experience preferred.
- Prior experience implementing or working with IAM and OAuth based services is required.
- CISSP, CCSP certifications desired.
- Cloud certifications in AWS, Azure or Google Cloud Platform desirable.
Vacancy expired!