12 Month W2 Contract (4 Days Onsite in Burbank, CA/1 Day Remote)
Pay up to $84/hr.
Must have years of experience stated in the JD. Must be a self-starter with strong planning, scheduling, organization, and prioritization skills.
Must have cloud security knowledge with excellent communication skills. Ability to work independently.
Required: 2 or more Senior Information Security or cloud certifications (e.g., CISSP, CCSP, GIAC, Security+, AWS Certified Public Cloud Architect, MCSE cloud, VMWare VCP6 cloud, EMCCAcloud computing Architect)
Job Description
Seeking a Senior Cybersecurity Engineer to evaluate and assess the risk of various deployment scenarios (e.g., on-prem, cloud, hybrid), services, models, and technology to ensure they are secure and compliant.
This role is highly versatile and technical and requires broad exposure and experience across security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.
While familiarity and experience with various security tools prevalent in today’s information technology enterprise is highly beneficial, this role requires candidates to think critically and holistically about cybersecurity risk.
The candidate should not rely solely on the use or output of cybersecurity tools to assess the risk of an application or service.
A viable candidate should be able to effectively articulate the risk associated with an application or service based on evaluation of its design and configuration, data classification and flow, security control alignment, current and emerging threats, and practical experience.
Responsibilities
- Provides situation-based support, using in-depth knowledge of industry technology, controls, and policies to ensure system designs align with security requirements and industry best practices.
- Creates, reviews, and presents security architecture reviews and cybersecurity risk assessments to the team (peers), executive leadership, and customers.
- Executes advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents.
- Develops and documents technical solutions that meet specifications and impact future developments (e.g., process flows, requirements documents, data flows, mapping to controls).
- Identifies, selects, develops, and documents architecture artifacts (reference architectures, standards, policies, reusable designs, best practices).
- Researches, learns, and evaluates new technologies
- Leads discussions, assessments, tracking, and overall reporting of technology security risks.
- Documents issues, solutions, and status of assigned work.
- Understands business drivers and processes to evaluate risk and recommend solutions with a balanced result.
- Promotes awareness of applicable security policies and standards
- Assists with the maintenance of metrics and scorecards in support of the information security program.
Basic Qualifications
- Must have two or more senior Information Security or cloud certifications (e.g., CISSP, CCSP, GIAC, Security+, AWS Certified Public Cloud Architect, MCSE cloud, VMWare VCP6 cloud, EMCCAcloud computing Architect)
- 5-8 years of experience in Information Technology and/or information technology/cyber security and/or cyber risk management
- 5 years of experience with 3 or more of the following areas: Security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.
- 1-3 years of practical cloud information security experience with a preference to have experience with major cloud service providers (e.g., Amazon Web Services (AWS), Microsoft Azure, Google Cloud, etc.).
- Demonstrated experience in creating conceptual, logical, and physical security diagrams, with a thorough understanding of vulnerabilities and countermeasures.
- Maintains a strong familiarity with information security compliance programs and regulations
- Detailed understanding of identity, access, and authentication mechanisms (Kerberos, NTLM, AD), networking technologies, software-defined computing, containerization, routing and switching, big data, elastic compute, and risk analysis and risk management methodologies.
- Experience in information management, protection, and security control design and implementation.
- Familiarity with a broad range of cybersecurity frameworks and threat modeling concepts such as STRIDE, MITRE ATT&CK, and NIST publications (particularly 800-53 and 800-30).
- Ability to manage multiple priorities and work effectively in a fast-paced, high-volume, results-driven environment. This skill includes the ability to work both independently on complex tasks and effectively in a highly team-centric environment
- Excellent written and verbal communication skills, including writing comprehensive technical reports and assessments.
- Practical experience in preparing and presenting highly effective presentations to business customers, technology teams, and senior leadership
- Willingness to quickly learn new technologies/concepts and apply these new skills to assess the security posture of a system or application effectively.
- Self-starter with strong planning, scheduling, organization, and prioritization skills.
- Previous experience in Microsoft 365, specifically Excel, Word, and PowerPoint.
- Willingness to navigate complex business and organizational structures to achieve desired outcomes.
- Experience in applying analytical, problem-solving, and multi-tasking skills
- Ability to work independently under minimum supervision and be proactive in solving problems.
- Ability to work discretely with sensitive data information.
- Energetic, customer-facing persona with a focus on identifying solutions to problems
- Must be able to organize and schedule work effectively.
- Excellent attention to detail
- Demonstrated ability to identify, describe, resolve and/or escalate issues to closure.
Education
BS degree in computer science or related exp.
Compensation:
The estimated pay range for this position is USD $80.00/hr - $84.50/hr and is an Exempt role.
Exact compensation and offers of employment are dependent on circumstances of each case and will be determined based on job-related knowledge, skills, experience, licenses or certifications, and location.
Benefits:
We offer comprehensive benefit options which vary depending on role, location, and employment type. The Talent Acquisition Partner can share more details about compensation or benefits for the specific role during the hiring process.