KORE1 Technologies
Senior Cyber Security Engineer
KORE1 Technologies, Irvine, California, United States, 92713
KORE1, a nationwide provider of staffing and recruiting solutions, has an immediate opening for a Senior Cyber Security Engineer.
This Senior Engineer performs technical and operational tasks to design, develop, implement, and maintain security solutions using technologies and processes to uphold the confidentiality, integrity, and availability of company's information assets.
Job Summary Details:
Collaborate with key stakeholders including senior leadership to research, develop, and implement an efficient security architecture to protect all sites, applications, services, and assetsLead engineering projects to implement security controls, tools, and solutions and assist in projects to enhance company's Cyber Security Program; makes recommendations on technology strategies that monitor, protect against, and alert on anomaliesExperience assessing system compliance against security frameworks and developing risk mitigation plans and strategiesManage day-to-day workflow to ensure security projects and associated operations are communicated, managed, and optimizedDevelop and report on KPIsCreate process automations through scripting and API integrationsParticipate in the change management processParticipate in incident response operationsParticipate in internal and externalDistinguishing characteristics for Cyber Security focus:
Design, development, and operations of vulnerability discovery, threat detection, and remediation management in a hybrid environmentExpertise with system and application vulnerability scanners, offensive security tools, and SIEM is requiredWorks regularly with system owners to present vulnerability findings, provide expert insight on findings, and drive remediation efforts through closure*firewalls, remote access, NAC, and proxy in a hybrid environmentCollaborate regularly with Infrastructure and Application teams to implement effective security controls in cross-functional areasJob Requirements
Distinguishing characteristics for Cyber Security focus:
Design, development, and operations of vulnerability discovery, threat detection, and remediation management in a hybrid environmentExpertise with system and application vulnerability scanners, offensive security tools, and SIEM is requiredWorks regularly with system owners to present vulnerability findings, provide expert insight on findings, and drive remediation efforts through closure*firewalls, remote access, NAC, and proxy in a hybrid environmentCollaborate regularly with Infrastructure and Application teams to implement effective security controls in cross-functional areasSkills required:
Experience configuring and managing the following:
Vulnerability management platforms such as Rapid7 InsightVM Cloud security posture management tools such as Rapid7 Insight CloudSec, MS Defender for CloudSAST/SCA/DAST/IAS tools such as Insight AppSec, Burp Suite Pro, SonarCloud Advanced knowledge of system and application security threats and vulnerabilities e.g., buffer overflow, cross-site scripting, SQL injection, covert channels, MITM replay attacksExperience with offensive security tools and techniques, red team, purple teamExperience with benchmarking and hardening systems and assets using CIS, STIG, etc.Experience maturing vulnerability management programs and proceduresNAC and remote access solutions such as Global Protect, Rules and threat protections on firewalls such as Palo Alto Multiple cybersecurity related certifications from vendors such as: ISC2, SANS, CompTIA, ECincident detection, incident response, and forensicsUnderstanding of SOAR technology and solutions such as XSOAR, Swimlane, etcExperience with the OWASP Top 10Preferred:
CISSP, CEH, CySA+, CSA, GPEN, OSCP, SSCP or similar certifications preferred
ABOUT KORE1Specializing in professional and technical recruiting, KORE1 is committed to supporting top IT, Engineering, Creative, Scientific, Accounting and Finance professionals in their career paths. We build deep relationships with leading companies, connecting them to exceptional talent every day. With extensive industry expertise and unmatched opportunities, our goal is to provide a unique experience for our contractors and consultants as they prepare for their next role. We are passionate about matching the right people with the right companies.
Kore1 provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Kore1 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Kore1 expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Kore1's employees to perform their job duties may result in discipline up to and including discharge.
This Senior Engineer performs technical and operational tasks to design, develop, implement, and maintain security solutions using technologies and processes to uphold the confidentiality, integrity, and availability of company's information assets.
Job Summary Details:
Collaborate with key stakeholders including senior leadership to research, develop, and implement an efficient security architecture to protect all sites, applications, services, and assetsLead engineering projects to implement security controls, tools, and solutions and assist in projects to enhance company's Cyber Security Program; makes recommendations on technology strategies that monitor, protect against, and alert on anomaliesExperience assessing system compliance against security frameworks and developing risk mitigation plans and strategiesManage day-to-day workflow to ensure security projects and associated operations are communicated, managed, and optimizedDevelop and report on KPIsCreate process automations through scripting and API integrationsParticipate in the change management processParticipate in incident response operationsParticipate in internal and externalDistinguishing characteristics for Cyber Security focus:
Design, development, and operations of vulnerability discovery, threat detection, and remediation management in a hybrid environmentExpertise with system and application vulnerability scanners, offensive security tools, and SIEM is requiredWorks regularly with system owners to present vulnerability findings, provide expert insight on findings, and drive remediation efforts through closure*firewalls, remote access, NAC, and proxy in a hybrid environmentCollaborate regularly with Infrastructure and Application teams to implement effective security controls in cross-functional areasJob Requirements
Distinguishing characteristics for Cyber Security focus:
Design, development, and operations of vulnerability discovery, threat detection, and remediation management in a hybrid environmentExpertise with system and application vulnerability scanners, offensive security tools, and SIEM is requiredWorks regularly with system owners to present vulnerability findings, provide expert insight on findings, and drive remediation efforts through closure*firewalls, remote access, NAC, and proxy in a hybrid environmentCollaborate regularly with Infrastructure and Application teams to implement effective security controls in cross-functional areasSkills required:
Experience configuring and managing the following:
Vulnerability management platforms such as Rapid7 InsightVM Cloud security posture management tools such as Rapid7 Insight CloudSec, MS Defender for CloudSAST/SCA/DAST/IAS tools such as Insight AppSec, Burp Suite Pro, SonarCloud Advanced knowledge of system and application security threats and vulnerabilities e.g., buffer overflow, cross-site scripting, SQL injection, covert channels, MITM replay attacksExperience with offensive security tools and techniques, red team, purple teamExperience with benchmarking and hardening systems and assets using CIS, STIG, etc.Experience maturing vulnerability management programs and proceduresNAC and remote access solutions such as Global Protect, Rules and threat protections on firewalls such as Palo Alto Multiple cybersecurity related certifications from vendors such as: ISC2, SANS, CompTIA, ECincident detection, incident response, and forensicsUnderstanding of SOAR technology and solutions such as XSOAR, Swimlane, etcExperience with the OWASP Top 10Preferred:
CISSP, CEH, CySA+, CSA, GPEN, OSCP, SSCP or similar certifications preferred
ABOUT KORE1Specializing in professional and technical recruiting, KORE1 is committed to supporting top IT, Engineering, Creative, Scientific, Accounting and Finance professionals in their career paths. We build deep relationships with leading companies, connecting them to exceptional talent every day. With extensive industry expertise and unmatched opportunities, our goal is to provide a unique experience for our contractors and consultants as they prepare for their next role. We are passionate about matching the right people with the right companies.
Kore1 provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Kore1 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Kore1 expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Kore1's employees to perform their job duties may result in discipline up to and including discharge.