Los Angeles, CA
About the Role
As an Enterprise Information Security Engineer you will be a champion for information security best practices. This person plays a key role in engineering solutions to help teams own their information security, and operate within compliance frameworks. To achieve this, working with cross-functional team leaders to recognize risks and incorporate industry best-practices is important. One of the key task is to evangelize a balanced security posture that is founded in a risk-based approach. This role requires on-call and first-response to security-related incidents.
Secure all corporate IT assets including workstations, networks and applications
Identify and communicate current and emerging security threats and develop plans to mitigate risk
Develop proposals for enterprise security strategy based on threat analysis, opportunity identification, value cases, and risk.
Act as a subject matter expert to IT and business leaders to support security goals within new projects, existing use cases, and vendors.
Integrate with project teams to align objectives to the security program and identify if components need to be modified to accommodate security recommendations.
Evaluate and implement security architecture tools to maximize value and trust
Prepare, champion, and educate the organization and individual teams on changes in security policies and best practices
Develop corporate incident response plan and respond to incidents accordingly
Monitor OS, network and application logs and identify threats and vulnerabilities
Understand current security and monitoring posture.
Curate relationships with third-party vendors or clients in relation to the Security Program.
Develop goals and implementation for continuous improvements in relation to compliance programs and security training throughout the enterprise.
Perform daily or weekly reviews of IT security logs to identify any gaps and escalate any issues.
Collaborate with stakeholders and project management to begin work on projects that aim to improve our ability to identify, detect, protect, respond, or recover in relation to information security threats.
Collaborate with security leadership to model and propose future resource needs within the domain of Enterprise Security and compliance initiatives.
Minimum 5 years of ITS experience including at least 3 years of experience in e-commerce or SaaS software industries with secure operational requirements.
Solid experience in designing or implementing compliance systems
Can communicate, teach, and promote security to teams from different disciplines and varying levels of experience.
Deep understanding of security research and advanced exploitation techniques from defensive and offensive perspectives.
Authorized to work in the USA
Willing to work remotely and at the same time go onsite (within USA) when needed