This job board retrieves part of its jobs from: Toronto Jobs | Hamilton Jobs | Work From Home

Daily updated job offers in California

To post a job, login or create an account |  Post a Job  

Helping you to find a new job in California

previous arrow
next arrow

Security engineer architect


This is a Full-time position in El Segundo, CA posted December 22, 2019.

OverviewDo you have a passion for innovation?

Are you excited to leverage cutting edge technology to solve big business problems? If your response to those questions is “yes�?, we would love for you to join us!

At OrangePeople we consult for some of the most prestigious brands in the world.

But more importantly, our consultants have a voice in the vision and future of the company.

At OrangePeople, our focus is people.

It’s right there in our name. The Sr.

Security Engineer is responsible for providing the vision, leadership, and security direction to support the mission of the organization.

This position has both strategic and architectural/engineering management responsibility for all aspects of security: user, data, system, application, infrastructure, processes, financial, customer security.

This is a single-level classification.

Incumbents in this classification apply advanced technical information-security and management knowledge in developing and overseeing company wide information-security policies, standards, methods, practices and tools.

This Senior Security Engineer is primarily responsible for architecture, developing, providing direction and overseeing all information-security programs. Responsible for all aspects of information security within the company regardless of whether security responsibilities are centralized, decentralized or matrix managed. Responsibilities:Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.Aligns standards, frameworks and security with overall business and technology strategyEstablish security standards, policies and procedures for infrastructure, application, middleware, and data including development, QA and deployment best practices, for in-house and outsource. Develop a best practice business continuity/disaster recovery program to ensure technology availability and safety for employees.Develop roadmap and lead design and delivery of security landscape with a focus on thwarting malware, hacker intrusions and denial of service attacks.Develop penetration testing strategy and work with outside vendor to executive penetration testing.Assist Security Auditor in carrying out planned and on-demand audit.Ensure all applicable aspects of the environment meet current PCI compliance requirements.Securely Provision: conceptualize, architect, design and/or build secure IT systems and networks. Design elements of security architecture to mitigate threats as they emergeOperate and Maintain: provide support, administration and maintenance necessary to ensure effective and efficient IT system performance and security.Oversee and Govern: provide leadership, management, direction and advocacy so the organization may effectively conduct cybersecurity work.Protect and Defend: identify, analyze and mitigate threats to internal IT systems and/or networks.Analyze: perform highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.Collect and Operate: provide specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence. Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.Investigate: investigate cybersecurity events or crimes related to IT systems, networks and digital evidence. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements or upgrades to security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements. Requirements:A Bachelor’s degree in Information Technology, Computer Science or related field.

Masters’ Degree in CS or IT preferred.Proven track record of successfully leading security initiatives with solid skills in business management and a working knowledge of information security best practices.Former experience as a Cybersecurity Analyst, Cybersecurity Engineer and/or Cybersecurity Architect.Extensive experience in information security and/or IT risk management with a focus on security, performance, reliability, security attack pathologies.Solid understanding of security protocols, cryptography, authentication, authorization and securityGood working knowledge of current IT risks and experience implementing security solutionsExperience implementing multi-factor authentication, single sign-on, identity management or related technologiesExperience with Windows, Active Directory, Azure, and AWS, Wired, and Wireless environments.Experience working with Palo Alto firewalls, Meraki, endpoint protection solutions, IDS/IPS, etc.Ability to perform forensic, digital investigations to root-cause.Experience implementing multi-factor authentication, single sign-on, identity management or related technologiesWorking knowledge of cyber law and ethics, web and mobile application architectures, API/Micro services, scripting languages, relational and non-relational databases.Ability to interact with a broad cross-section of personnel to explain and enforce security measuresExcellent written and verbal communication skills as well as business acumen and a commercial outlookAdvanced security qualifications such as SABSA (Sherwood Applied Business Security Architecture), CISSP (Certified Information Systems Security Professional), or AWS Certified Security Specialty certifications are highly desirable.Certified Information Systems Security Professional (CISSP) certification is required. Other certifications, such as CISM will be considered.Knowledge of common information security management frameworks, such as ISO 27001, COBIT and NIST.Significant knowledge of cyber threat actors and their attack methodologies.Ability to effectively interact with clients having a broad range of computer knowledge and ability.Ability to organize, prioritize, and implement work assignments.Ability to present ideas in user-friendly language.Ability to thrive in an environment of continuous change. Additional Responsibilities:Participate in OrangePeople monthly team meetings, and participate in team building efforts.Contribute to OrangePeople technical discussions, peer reviews, etc.Contribute content and collaborate via the OP-Wiki/Knowledge Base. Provide status reports to OP Account Management as requested