Cyber Security Engineer

As our Cyber Security Engineer, you will work with infrastructure, development, business, and architecture groups to provide security requirements for new applications and systems. In this capacity, you will contribute to the design, documentation, and deployment of new and existing security technologies while also assisting in the development of security policies, standards, and procedures. As a member of the team, you will also be responsible for mentoring other team members on security technologies and standards. You will be working on-site in Costa Mesa, CA, for the first 90 days, then in the office 3 out of 5 days per week. What You’ll Do You’ll start your day in an Agile meeting with our team of 7, reviewing the last 24 hours and making the plan for the day based on the work you are assigned for the current 2-week sprint. The tasks taken each sprint will be varied based on our internal business partner needs and initiative priority Define security architecture design patterns and evaluate and develop secure solutions based on approved security architecture and emerging risks. Serve as a security expert in varied security domains such as application development, database, network, cloud-based services, and/or platform (operating system) technologies, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Research, design, and advocate new technologies, architectures, standards, and security products that will support security requirements for the enterprise, our customers, and business partners. Evaluate, guide, and lead vendor engagements as necessary. Work with security specialists to ensure security solutions are in place. Analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks. Act as a resource and role model for less experienced staff. What You’ll Need To thrive in this role, you must have extensive experience (7 or more years of combined IT and security work experience) with broad exposure to infrastructure/network and multi-platform environments in an enterprise with over 5000 employees. This experience should include implementing multiple (3+) security infrastructure and application projects based upon any number of the following frameworks: CSA CCM, OWASP, NIST CSF, PCI DSS. In addition, experience working with DevOps and agile product development methodologies is a plus. Comprehensive knowledge of cross-platform technical principles, security practices, and procedures for private/public cloud computing, mainframe computers, distributed systems, desktop computers, laptops, tablets, phones, and workstations are desired. Knowledge of one or more of the following cloud service provider platform frameworks (AWS, GCP, Azure) and security controls. You will have communicated with various audiences, including business leaders, engineers, clients, and team members. Therefore, it is important that they have great verbal and written communication skills to convey information to the relevant audience. You will have prepared executive reports demonstrating written communication skills.