Senior Information Security Engineer
Location: San Jose, CA
Full time position.
- Recommend, evaluate and implement the latest security tools, technologies, and processes to advance Clients security posture.
- Partner closely with different stakeholders to drive security programs and enforce compliance requirements.
- Design and implement a data loss prevention program covering endpoints, data, network, cloud, applications and systems. Responsible for the management, advanced configuration, monitoring, and fine-tuning of DLP solution; Design and create new detection techniques and improve existing ones.
- Design a full life-cycle data management solutions encompassing data classification, access control, encryption, and data masking.
- Implement and conduct risk management to reduce supply chain and enterprise risks.
- Perform vulnerability assessment; Lead efforts to prioritize and drive down vulnerabilities.
- Lead security investigations and incident response, build automation playbooks, develop queries and analytics, and improve threat detection capabilities.
- Support the security design and implementation of best practices for industry certification.
- Prepare deliverables, metric reports, and documentations.
- Stay up-to-date on current cybersecurity threats, vulnerabilities, trends, and best practices to proactively improve the cybersecurity risk and controls program.
- Implement and apply technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
What you need:
- Minimum of 10+ years in Information Security or related field.
- In depth experience covering a wide range of security disciplines such as, endpoint, cloud, networking, identity and access management, devops, incident response, threat intelligence, and more.
- Extensive experience with data loss prevention and insider risk management programs.
- Experience with securing hybrid on-premise and public cloud infrastructure (specifically AWS)
- Strong understanding of NIST, ISO, and CIS controls compliance and certification requirements.
- Previous experience with deploying and managing PAM, DLP, SIEM and other common security tools.
- Experience with zero trust concepts and design.
- Experience with integrating security into the full software development life cycle.
- Ability to effectively lead cross-functional initiatives and drive alignment to achieve results.
- Extensive experience securing Linux, Windows, and Mac OS.
- Programming, automation, or development experience.
- You must be technically proficient and hands-on.
Preferred Qualifications:
A Bachelor or Master degree in Computer Science, Computer Engineering,
Cybersecurity, or related technical field.
CISSP or equivalent industry certifications.
Aerospace industry experience.
