Security Engineer

Location: Pasadena, CA
Date Posted: 27-04-2017
Position:  Security Engineer
Location: Pasadena, CA
Full-time Direct Hire
 
REQUIREMENTS:
  • CISSP, GCFA, GCIH, CISA or CISM security certificates is required.
  • Knowledge of standards, rules and regulations related to information security and data confidentiality (NIST, ISO 2700x, HIPAA, PCI) is required.
  • Minimum of 4 years of experience in vulnerability assessment and other information security engineering disciplines:
  • Experience with security risk assessment, risk management, compliance, and security policy formulation.
  • Experience in designing vulnerability management life-cycle through process setup for vulnerability scanning including scan iterations and frequency, post vulnerability discovery process and remediation support model.
  • Experience with capturing business requirements, risk areas, and translating them into critical assets from a vulnerability standpoint.
  • Experience with one or more of the following security vulnerability assessment and management tools (McAfee MVM, Qualys, GFI LanGuard, Nessus, Rapid7, WebInspect, AppScan).
  • Experience with incident handling, management and computer forensics methodologies.
  • Advanced knowledge and working experience with proxy and web content security filtering technologies.
  • Excellent written, verbal, presentation, and communication skills.
  • Strong understanding of TCP, UDP, security protocols, IP protocols and packet analysis.
  • Experience with Microsoft Windows server and client administration
 
DESIRED:
  • Experience in conducting formal penetration testing tasks (highly desirable).
  • Experience and/or exposure to SIEM technologies including event correlation and syslog analysis.
  • Experience with network firewalls, intrusion prevention systems, and network architecture.
  • Experience with Linux and UNIX operating systems.
  • Experience with mobile and smart device security and management framework.
  • Project management background with good multitasking and prioritization skills.
  • Prior financial industry experience is a plus.
  • College Degree is preferred
 
RESPONSIBILITIES:
  • Lead the efforts and assist with establishing formal vulnerability assessment, remediation, and security risk management program.
  • Monitor and research current industry security emerging threat metrics, technology best practices, security posture, tools, threat detection and counter measures, analysis, and formulate process improvement.
  • Measure and communicate vulnerability management related risks to various stakeholders including business units, infrastructure organizations and management.
  • Conduct and schedule regular vulnerability assessment scans, conformance reports and remediation plans.
  • Maintain and coordinate security controls for Windows servers, workstations, Unix/Linux servers, and other infrastructure network services. This includes conducting system security reviews, patch management plans, risk mitigation and conformance plans.
  • Monitor, analyze and respond to various suspicious security events (SIEM – IPS/IDS/Firewall/Proxy/VPN/AD/, etc.).
  • Assist in incident response related activities and support forensics and root cause analysis.
  • Security project management and monitor Helpdesk ticketing system for issues related to Security.
  • Research and evaluate new security technologies as needed.
Ralph Larsen Mendoza
Technical Recruiter
JBA International, LLC
Direct:   626-204-6916
Mobile:  626-379-0705
Tel:        626-844-1400 ext. 308
Toll:       1-800-500-4942
Email:    ralphm@jba.com
Fax:       626-795-9401
www.jba.com
http://jbatalent.com/
 LinkedIn: https://www.linkedin.com/in/ralphlarsenmendoza
or
this job portal is powered by CATS