SourcePro Search

Senior Security Engineer

SourcePro Search, Los Angeles, California, United States, 90079


SourcePro Search has a fantastic opportunity for an experienced Senior Security Engineer in our global law firm client's Los Angeles office.

The Senior Security Engineer is a hands-on role that requires a high level of technical expertise and will be responsible for a broad range of tasks, including day-to-day administration of cybersecurity tools and devices, and on point incident response. In addition, this position will have significant responsibilities for the administration, engineering, auditing, and documentation of various IT Security related systems across the enterprise.

This role will work closely with the Enterprise Architecture and Service Delivery (EA&SD) team, and the Senior Security Engineer will assist with the Service Delivery (SD) platform and Cloud security posture, including: Disaster Recovery (DR)/Business Continuity (BC) programs, vulnerability assessment findings, Zero Day vulnerabilities, posture related exercises so that Information Security directives and activities align with Loeb's data security policy, ISO 27001:2022 and client audit requirements/directives, etc.

What You'll Do:

- Working alongside the Service Delivery team and IT vendors, takes instructions from the CISO and Director of EA&SD for the installation and configuration of Security related systems; assists with the Security posture of the various platforms and applications (Zero Trust); assists with Group Policy; assists with Zero Day vulnerabilities across all on premises and cloud related systems.
- Provides first-line and on-call support for security incident escalation and remediation 24x7, 365.
- Assists and trains junior team members in the use of security tools, the preparation of security reports, and the resolution of security issues; cross trains engineers where applicable (Desktop Analysts, 2nd tier, SD Team).
- Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
- Develops and maintains documentation for security systems and procedures.
- Responsibility in creating and maintaining Security related documentation as directed by the CISO, Director of EA&SD and Security Manager of Governance, Risk and Compliance or the associated project team.
- Has strong knowledge of on premises and Cloud (primarily Azure/MS E5 related platforms) Identity Management & Policy Control.
- Responsibility for AD, PIM/PAM, LAPS, and associated technologies for privilege management - Driving Zero Trust design with CISO and Director of EA&SD.
- Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate and following Incident Management and Change Management guidelines.

Disaster Recovery and Business Continuity

- Participates in and leads preparing, planning and testing Disaster Recovery initiatives partnering with the CISO and Director of SD&EA and the SD team.
- Partners with CISO and Director of EA&SD on the continuous improvement of all DR/BC systems, given the results from testing these systems and recalibrate and document MTD, RPO, and RTP.

Event Management/SIEM Management

- Responds to, and where appropriate, resolves or escalates reported security incidents.
- Monitors system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution.
- Investigates and resolves security violations, provides postmortem analysis and leads post incident review determining any continuous improvement objectives (necessary changes to process or systems) that would prevent such incidents from reoccurring; feeds Known Problem and Incident Response Management policies and procedures as necessary.
- Manage and monitor external Security Operation Centers to ensure appropriate configurations are maintained and incidents remediated.

Service Delivery Platform Protection

- Partners as needed in Service Delivery projects to develop, plan and implement Security configuration items.
- Leads 3rd party review of firewalls and partnering with the Senior Network Engineer.
- Partners as needed with SD teams installing and testing new security software and technologies.
- Supports data encryption deployments, including key management and documentation.

Risk, Control, Threat and Vulnerability Management

- Supporting the Manager of Governance, Risk and Compliance, assists with the gathering of security audit related artifacts for Configuration Item identification; across all of IT and Business Services, and maintains a compliance related central repository to store all artifacts in a central location; eliminates the need for repeat requests tied to audits.
- Coordinates remediation required by audits and documents exceptions as necessary.
- Leads vulnerability management scanning, reporting and remediation, partnering with the Service Delivery (SD) team and associated IT vendors.
- Leads penetration testing for all platforms partnering with the vendor and SD team to complete posture remediation.
- Responsibility for endpoint vulnerability clients. Microsoft Defender for Endpoint policies, Endpoint control, Microsoft E5 use and continuous improvement, vulnerability endpoint clients, DNS and Secure Web Gateway, etc.
- Research threats and vulnerabilities (personal effort, vendor related feedback, vulnerability management platforms, industry groups and news alerts), and where appropriate take action to mitigate threats and coordinate remediation of the vulnerabilities across Service Delivery associated platforms.
- Collates security incident and event data to produce monthly exception and management reports; works with the Supervisor of Help Desk and Process to contribute to monthly IT operational reporting.
- Incident Response - On Point 24x7, 365, for all incident response related actions.
- Partners with Incident Response retainer vendors in the identification and remediation of the threat, partnering with and leading the SD team efforts across platforms given associated engineering tasks.

Security Engineering

- Maintains security diagrams.
- Participates and supports cybersecurity architectural requirements as directed by the CISO and Director of EA&SD.
- Participates in cybersecurity working groups.

What You'll Bring:

- Bachelor of Science in Computer Science or a related field or a minimum of 5 years of comparable work experience.
- Five or more years of work experience as a System Security Engineer or related position.
- Proven experience developing, operating, and maintaining security systems.
- Extensive knowledge of Azure, MS E5, Sentinel, Defender for Endpoint, Tenable, Varonis, Fortigate, and Cisco Firewall, including operating system, database security.
- Proficiency in networking technologies, network security, and network monitoring solutions.
- Knowledge of security systems, including anti-virus applications, content filtering, firewalls, authentication systems, and intrusion detection and notification systems.
- Security Certifications such as CISSP, CISM, CCNA-S, CISA, GIAC.
- Experience with scripting automation using Python, Bash & PowerShell.
- Proven experience building security reference architecture for on premises, all-in-cloud deployments, and hybrid scenarios.
- Implementation experience with enterprise security solutions such as Endpoint Protection (DLP/Allow listing/HIPS), WAF, IPS, Anti-DDOS, and SIEM/FIM.
- In-depth knowledge of security protocols and principles.
- Exceptional communication skills, critical thinking skills and ability to solve complex problems.