LHH Recruitment Solutions seeks a full-time Information Security Engineer to work in a Hybrid setting for our client in Dublin, CA. The Information Security Engineer will design, analyze, and support security solutions for systems, networks, and operating environments. This role involves developing and implementing security policies, standards, and best practices, and responding to security incidents. Key responsibilities include researching and implementing security solutions, improving system architectures, managing security configurations, leading incident response efforts, and developing strategies for breach recovery.
Responsibilities:
- Develop and implement information security solutions for organizational systems and products, ensuring compliance with all security policies and standards.
- Collaborate with IT and business partners to integrate security considerations into the evaluation, selection, installation, and configuration of hardware and software.
- Evaluate and provide recommendations for enhancing network, system, and application architectures.
- Analyze network, server, and application logs to identify security trends and incidents.
- Support the review and update of security policies, architectures, and standards.
- Assist with audits, penetration testing, and vulnerability assessments.
- Install and manage security software such as firewalls and encryption tools to safeguard sensitive information.
- Help users with the installation and configuration of new security products and procedures.
- Lead incident response efforts to mitigate the impact of security breaches and conduct technical investigations to assess damage and breach mechanisms.
- Perform risk assessments to evaluate the organization’s security posture and suggest appropriate solutions.
- Develop and propose policies, standards, and procedures to ensure compliance with legal and regulatory requirements for both internal and external security.
- Provide support and training for Information Security Analysts and Administrators.
- Act as a backup for the Information Security Officer as needed.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field is preferred.
- Required: Certified Information Systems Security Professional (CISSP) or equivalent certification.
- Over 5 years of experience in information security, with a focus on security engineering roles.
- At least 3 years of experience working in a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or a Security Operations Center (SOC) is preferred.
- Expertise in network security, including VPNs, firewalls, network monitoring, intrusion detection, web server security, SIEM, NAC, PAM, IAM, CIS Security Controls, and wireless security.
- Deep understanding of common vulnerabilities and exploitation techniques.
- Hands-on experience with database security, content filtering, vulnerability scanning, and anti-malware solutions.
- Proficiency in at least one scripting language such as Perl, Python, or PowerShell.
- Knowledge of risk assessment tools, technologies, and methodologies.
- Experience in designing secure network, system, and application architectures.
- Familiarity with disaster recovery and computer forensic tools and methods.
- Experience in developing and implementing security policies, standards, and procedures.
- Solid understanding of PCI, GLBA, IS/IT risk assessments, FFIEC IT examination guidelines, and NIST 800-53 and Cybersecurity Framework.
Compensation/Benefits: $130,000-$150,000 + bonus
This posting is a representative sample of the types of roles we typically place with our clients. Benefits may include health, vision, dental, PTO, and 401k.
Job Type: Full-Time, Direct Hire, Hybrid