Prosum
Information Security Engineer II
Prosum, Cypress, California, United States, 90630
Information Security EngineerSalary Range: $115k to $135kJob SummaryThe Information Security Engineer II will play a crucial role in safeguarding the company's assets and ensuring the confidentiality, integrity, and availability of our information systems and data. The Information Security Engineer II will play a pivotal role in the design, implementation, and maintenance of multiple security solutions. In addition, the Information Security Engineer II will work closely with other teams to promote secure designs and practices across the company to mitigate risks and meet business objectives and regulatory requirements.Essential Functions Security Roadmap - Ability to guide the organization in the development of the Security Program Roadmap.
Contribute to the development of the Security Program RoadmapDevelop an understanding of the organizational risk profile, organizational threats, and 3rd party compliance requirementsSecurity Engineering - Architects and implements security technologies.
Assist with identifying potential security technologies and researching their capabilities.Contributes to the design and implementation of security solutionsContributes to identifying migration / upgrades for end-of-life technologiesRecommend security improvements to managementAdminister security tools and troubleshoot issues that ariseThreat Management - Ability to understand security threats and their risk to the organization.
Contribute to the research of new and existing security threats and provide input to their potential risk to the environmentUnderstands the anatomy of a breach and provides assistance with investigationsSecurity Governance - Establish and maintain self-audits, policies, and procedures to provide assurance that information security strategies are aligned with applicable laws and regulations through adherence to internal controls.
Propose areas for "self-audits" based on security assessments and/or new technology deploymentsPropose security policies or procedures based on security assessments and/or new technology deploymentsSupplemental Duties and Responsibilities
Serve as technical liaison with vendorsPursues training and development opportunities; strives to continuously build knowledge and skillsAssist personnel in other technology departments to resolve technical and/or application issuesParticipate and assist in the coordination of both internal and external auditsOther duties as requestedRequired & Preferred Qualifications
Bachelor's Degree or equivalent work experience in a related field required3+ years' experience in an Information Security role with responsibilities in assessing application and infrastructure architectures for security threats and vulnerabilities, strongly preferred
Alternatively, 5+ years' in a Senior level network/systems role with a strong focus on Security, required
Must be self-motivated and able to work independently, with minimal supervision and as part of a teamHands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Secure Email Gateways, Web Content Filters, Proxies, DLP, SIEM) requiredSolid foundational understanding of networking concepts requiredProfessional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), CompTIA Security+, CompTIA Network+, highly desirableKnowledge and experience with common information security management frameworks and best practices, specifically the National Institute of Standards and Technology (NIST) frameworks and Center for Internet Security (CIS) Critical Security Controls, highly desirableUnderstanding of cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection, preferredExperience implementing security concepts with at least one major IaaS vendor is preferredDetail oriented with excellent interpersonal communication skillsExpected to effectively partner and collaborate with other teams on an ongoing basisStrong conceptual thinking and communication skills - the ability to translate medium complexity business and technical requirements into effective solutionsStrong organizational skills and ability to multi-task in an enterprise business environmentAbility to manage/track completion of multiple ongoing projects and remediation tasksProficient technical documentation skillsStrong written, verbal and presentation communication skills and ability to communicate at all levels within an organization
Please view our
Privacy Policy .
Contribute to the development of the Security Program RoadmapDevelop an understanding of the organizational risk profile, organizational threats, and 3rd party compliance requirementsSecurity Engineering - Architects and implements security technologies.
Assist with identifying potential security technologies and researching their capabilities.Contributes to the design and implementation of security solutionsContributes to identifying migration / upgrades for end-of-life technologiesRecommend security improvements to managementAdminister security tools and troubleshoot issues that ariseThreat Management - Ability to understand security threats and their risk to the organization.
Contribute to the research of new and existing security threats and provide input to their potential risk to the environmentUnderstands the anatomy of a breach and provides assistance with investigationsSecurity Governance - Establish and maintain self-audits, policies, and procedures to provide assurance that information security strategies are aligned with applicable laws and regulations through adherence to internal controls.
Propose areas for "self-audits" based on security assessments and/or new technology deploymentsPropose security policies or procedures based on security assessments and/or new technology deploymentsSupplemental Duties and Responsibilities
Serve as technical liaison with vendorsPursues training and development opportunities; strives to continuously build knowledge and skillsAssist personnel in other technology departments to resolve technical and/or application issuesParticipate and assist in the coordination of both internal and external auditsOther duties as requestedRequired & Preferred Qualifications
Bachelor's Degree or equivalent work experience in a related field required3+ years' experience in an Information Security role with responsibilities in assessing application and infrastructure architectures for security threats and vulnerabilities, strongly preferred
Alternatively, 5+ years' in a Senior level network/systems role with a strong focus on Security, required
Must be self-motivated and able to work independently, with minimal supervision and as part of a teamHands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Secure Email Gateways, Web Content Filters, Proxies, DLP, SIEM) requiredSolid foundational understanding of networking concepts requiredProfessional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), CompTIA Security+, CompTIA Network+, highly desirableKnowledge and experience with common information security management frameworks and best practices, specifically the National Institute of Standards and Technology (NIST) frameworks and Center for Internet Security (CIS) Critical Security Controls, highly desirableUnderstanding of cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection, preferredExperience implementing security concepts with at least one major IaaS vendor is preferredDetail oriented with excellent interpersonal communication skillsExpected to effectively partner and collaborate with other teams on an ongoing basisStrong conceptual thinking and communication skills - the ability to translate medium complexity business and technical requirements into effective solutionsStrong organizational skills and ability to multi-task in an enterprise business environmentAbility to manage/track completion of multiple ongoing projects and remediation tasksProficient technical documentation skillsStrong written, verbal and presentation communication skills and ability to communicate at all levels within an organization
Please view our
Privacy Policy .