Other Desired Qualifications

  • Positive outlook on life.

  • MUST have a sense of humor.

  • Looking to make a difference in the world.

  • Enjoy a challenging work environment with great opportunities for professional growth.

  • Be willing and able to assist with a variety of other duties that may arise.

Security Engineer

Los Angeles, CA
Full Time

About the Role


As an Enterprise Information Security Engineer you will be a champion for information security best practices. This person plays a key role in engineering solutions to help teams own their information security, and operate within compliance frameworks. To achieve this, working with cross-functional team leaders to recognize risks and incorporate industry best-practices is important. One of the key task is to evangelize a balanced security posture that is founded in a risk-based approach. This role requires on-call and first-response to security-related incidents.


Responsibilities


  • Secure all corporate IT assets including workstations, networks and applications

  • Identify and communicate current and emerging security threats and develop plans to mitigate risk

  • Develop proposals for enterprise security strategy based on threat analysis, opportunity identification, value cases, and risk.

  • Act as a subject matter expert to IT and business leaders to support security goals within new projects, existing use cases, and vendors.

  • Integrate with project teams to align objectives to the security program and identify if components need to be modified to accommodate security recommendations.

  • Evaluate and implement security architecture tools to maximize value and trust

  • Prepare, champion, and educate the organization and individual teams on changes in security policies and best practices

  • Develop corporate incident response plan and respond to incidents accordingly

  • Monitor OS, network and application logs and identify threats and vulnerabilities

  • Understand current security and monitoring posture.

  • Curate relationships with third-party vendors or clients in relation to the Security Program.

  • Develop goals and implementation for continuous improvements in relation to compliance programs and security training throughout the enterprise.

  • Perform daily or weekly reviews of IT security logs to identify any gaps and escalate any issues.

  • Collaborate with stakeholders and project management to begin work on projects that aim to improve our ability to identify, detect, protect, respond, or recover in relation to information security threats.

  • Collaborate with security leadership to model and propose future resource needs within the domain of Enterprise Security and compliance initiatives.


Requirements


  • Minimum 5 years of ITS experience including at least 3 years of experience in e-commerce or SaaS software industries with secure operational requirements.

  • Solid experience in designing or implementing compliance systems

  • Can communicate, teach, and promote security to teams from different disciplines and varying levels of experience.

  • Deep understanding of security research and advanced exploitation techniques from defensive and offensive perspectives.

  • Authorized to work in the USA

  • Willing to work remotely and at the same time go onsite (within USA) when needed