Security Engineer II

About The Position

Requirements

• BS/BA and 8+ years’ experience or equivalent combination of education and experience, and 4 years of SME in respective areas
• To perform this job successfully, an individual should have knowledge of Microsoft Office Suite.
• Endpoint Management Experience (BigFix, WSUS/SCCM, Symantec, Trend Micro, etc)
• Identity and Access Management
• Certificate Management
• Patch Management (Windows and Unix)
• Intrusion Detection and Prevention
• Security Awareness Training
• Mobile Device Management
• EDR (Endpoint detection and response)
• Web Content Filtering
• Device Encryption
• Vulnerability Assessment Tools
• Firewall and VPN
• Secure E-mail, Anti-SPAM
• Webserver applications
• Web API Service Security
• Business Continuity (Disaster Recovery)
• Compliance and Audit (HIPAA, HITRUST, SOC, GovRAMP and PCI a plus)
• OS Administration (Windows, Linux and Unix)
• Authentication and SSO
• Container Security
• Must have excellent analytical, problem solving and communication skills.
• Familiarity with SSAE SOC 1 and SOC 2, HITRUST, federal/state security and privacy frameworks, HIPAA, PCI and regulatory requirements for information security.
• Must be able to work on a team and build good working relationships with team members and internal clients.
• Must have good understanding of standard policies and procedures for information security.
• Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists.
• Ability to define problems, collect data, establish facts, and draw valid conclusions.
• Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
• Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals.
• Ability to compute rate, ratio, and percent and to draw and interpret bar graphs.
• Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community.
• Ability to respond effectively to the most sensitive inquiries or complaints.
• To perform the job successfully, an individual should demonstrate the following competencies: Composure, Decision Quality, Organizational Agility, Problem Solving, Customer Focus, Drive for Results, Peer Relations, Time Management, Dealing with Ambiguity, Learning on the Fly, Political Savvy
• The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
• While performing the duties of this Job, the employee is regularly required to sit and talk or hear. The employee is regularly required to stand; walk; use hands to finger, handle, or feel and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds.
• This position must work on-site at the San Diego Headquarters for purposes of providing adequate support to internal clients; being available for face-to-face interactions and coordination of work with other employees, colleagues, clients, or vendors; as well as for facilitation of quick and effective decisions through collaboration with stakeholders.
• This is an exempt level position requiring the incumbent to work the hours required to fully accomplish job responsibilities and reasonably meet deadlines for work deliverables. The individual must have the flexibility to work beyond traditional hours and be able to work nights, at weekends or on holidays as required. Work hours may be changed from time to time to meet the needs of the business. Typical core business hours are Monday through Friday from 8:00am to 5:00pm.

Nice To Haves

• Certificates, Licenses, Registrations
• Security Certification strongly preferred
• OWASP, ISSA, ISACA membership a plus

Responsibilities

• Enforces policy and supports security procedures, applications, and systems through the documentation of the resolution of assigned cases that range from simple to complex.
• Recommends changes to existing security process and procedures.
• Ability to utilize Endpoint Threat Detection and Response/Hunting toolsets
• Creates requirements for product evaluations and/or procedures to enhance productivity and effectiveness.
• Provides direct support to the business and IT staff for security related issues.
• Drives the delivery of new and upgraded security applications, systems, and workflow.
• Tests new systems for effective operations.
• Leads efforts to proactively maintain and improve the automation, reliability, consistency, and the quality of existing IT security tools and environments throughout the organization.
• Assists in the design, deployment, integration and configuration of security solutions or enhancements to ensure functionality.
• Ensures the confidentiality, integrity, and availability of data residing on or transmitted to, from, or through the enterprise workstations, servers, application systems, and data repositories.
• Initiates, facilitates, and promotes activities to create information security awareness.
• Disseminates and educates users on security policies and practices.
• Participates in regular security awareness training and updates to ensure consistent compliance with IT Security Policies.
• Works cross-functionally and interacts with internal business units and stakeholders to support the business’ needs.
• Using an automated customer case request system, tracks and documents security service requests and completed cases.
• Participates in daily activities and reporting required for regulatory and contractual information security obligations.
• Coordinates tasks that are performed within the infrastructure (system administration, network administration, application support, etc.) for security updates and initiatives.
• Performs analysis, design and development of security features for system architecture.
• Participates in security incident investigations and provides on-going communication to security management.
• Identifies root causes of security events and proposes solutions; closes out and documents investigations.
• Ensures confidentiality and appropriate personnel are involved in the investigation.
• Maintains up-to-date industry knowledge through formal/informal training, industry associations and research of latest technologies critical to the success of the company’s information security program.
• Continuously works to identify and improve security solutions to defend the company against data security threats.
• Apprises and keeps management aware of security issues; handles and/or escalates issues appropriately.
• Provides guidance/training to less experienced staff.
• Apprises and keeps management aware of security issues; handles and/or escalates issues appropriately.
• Provides IT Security consultative support to internal and external clients.
• Manages IT Security related projects and assignments as assigned.

Benefits

• Medical / Dental / Vision / Wellness Programs
• Paid Time Off / Company Paid Holidays
• Incentive Compensation
• 401K with Company match
• Life and Disability Insurance
• Tuition Reimbursement
• Employee Referral Bonus