Role: Security Engineer Data Protection
Location: San Francisco, 94105
Duration: Long Term Contract
Pay Rate: 83/hr USD
Summary
The Security Engineer reports to the Director of Data Protection and Infrastructure and will be key to enabling security self-sufficiency across our DevOps organization by helping design, deploy, and operate solutions that strengthen our capabilities in Data Protection, Endpoint Security, Critical Infrastructure, and Vulnerability Management.
Roles & Responsibilities
Assist in developing solutions to ensure existing and new systems and application deployments are appropriately secured to meet security policy and standards, and audit compliance requirements
Identify security issues and risks associated with security events reported by L1 or L2 InfoSec teams, or via alerts from various security tools, and develop remediation and/or risk mitigation plans
Participate in investigations of suspected information technology security misuse or compliance reviews as requested by Client’s Security Council, InfoSec management, or as required when alerts are received from InfoSec threat monitoring tools
Assist in responses to internal and external compliance audits, e-Discovery data collection, penetration tests and vulnerability assessments
Coordinate maintenance of security-related systems (Anti-Virus, Patching, Intrusion Detection, Logging, Anti-spam, etc.)
Minimum Qualifications
Bachelor's degree in Computer Science or related field, preferred
3-5 years of experience in the security field with working knowledge of any network and InfoSec components, including firewalls, intrusion detection systems, anti-malware products, e-Discovery and forensics tools and products, data encryption, VPN's, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP)
Significant knowledge of TCP/IP, cryptographic protocols and algorithms, operating system internals and operations, and application level protocols
Demonstrated programming ability in C, C++, Java, php, JavaScript, python, perl, and other languages
Ability to configure, operate, and understand the regular workings of the following: Apache, PHP, SSH, UNIX hosts, TLS, etc.
Passion to learn or knowledge of information security risks and counter-measures for Windows and Unix/Linux platforms
Demonstrate the strong communication skills required to discuss and present engineering principles and issues to both technical and non-technical business partners & write concise proposals and documentation
The ability to provide support after normal business hours, as needed
Preferred Certifications - CISSP, CISA, CISM, CRISC, CGEIT, ISO27001