JOB TITLE: Senior Security Engineer
FUNC: CORP IT
ORGANIZATIONAL ALIGNMENT: Information Technology
Human Resources Approval/Date:
Functional Executive(s) Approval/Date:
LOCATION: Irvine, CA
The Senior Security Engineer for Golden State will leverage processes and technology to ensure the organization’s systems and data are secure. Acting as a key cybersecurity stakeholder, the security engineer will devise and manage a security roadmap that maintains and strengthens the company's security posture. This is a hands-on role that requires active participation in assessing and remediating security vulnerabilities and managing security incidents. Success in this role requires an individual who is organized, assertive, resourceful and an excellent communicator.
(% of time may vary depending on assignments/projects)
- Execute cybersecurity processes, procedures, and policies
- Lead and/or participate in cybersecurity investigations. Work with other team members to find and validate indicators of compromise.
- Participate in threat hunting activities using tools and data available; make recommendations to enrich data sources for more accurate correlation
- Work with other team members to remediate security threats and compromises
- Work with other team members to identify root cause of security incidents and formulate preventative action plans
- Monitors and assesses the company’s security landscape on a continual basis. Prioritizes urgent security patches and remediations as needed.
- Leverage vulnerability scanning tools to ensure security patches have been properly applied.
- Promote awareness. Draft regular cybersecurity bulletins and tips to the end-user community. Conduct training sessions.
- Partner with and manage security service providers
- Lead and/or participate in regular security team meetings; prepare status reports
- Support and maintain the cybersecurity platform (vulnerability management, web proxies, endpoint and email protection, SIEM, privileged account management, etc...)
- Process requests related to security tools (e.g. firewall exceptions, web usage reports)
- Perform and/or coordinate patches and upgrades to these systems as needed
- Address any security questions from internal and external audits and examinations.
- Perform security and risk assessments on potential affiliates, technology solutions and service providers
- Continuously assess the organizations security posture, report findings and make recommendations
- Stay up-to-date on cybersecurity best practices, trends and technologies.
- Evaluate additional security products and services as needed
- Regular travel requirements (None)
- Four-year college preferred or commensurate work experience.
- Certified Information Systems Security Professional (CISSP), or related certification.
- 7+ years experience as a cybersecurity analyst/engineer
- Previous experience as a client/server or infrastructure engineer
- 4+ years conducting IT compliance exercises (system access audits, penetration tests, change management audits)
- Experience developing corporate cybersecurity policies and procedures
ESSENTIAL KNOWLEDGE, SKILLS AND ABILITIES
- Antivirus/Malware Software (SentinelOne, CrowdStrike)
- Cybersecurity Frameworks (NIST, ISO 27000)
- Security Incident Response Frameworks
- Vulnerability Scanning and Management tools (e.g. Tenable, Rapid7)
- Email Protection (Mimecast, ProofPoint)
- PowerShell, BASH
- IPS/IDS Technology
- Web Gateways
- SIEM Technologies (i.e. Exabeam, Splunk)
- Networking Concepts
- Client and Servers Operating Systems (e.g. Windows, Linux)
- Active Directory & Azure AD
- Microsoft 365
- Cloud Firewall (Zscaler)
- SSO (SAML, OAUTH)
- Web Services
- Agile Methodology
- Patching Tools (SCCM)
- Enterprise Architecture
- Backup Technologies (i.e. Veeam, Cohesity, CommVault)
- PCI Compliance
- Privileged Access Management (i.e. Thycotic, CyberArk)
- Apple iOS
- Database Technologies (SQL, Oracle)
The following universal core competencies apply to every job at Golden State Foods. Performance expectations are based on the specific job and grade level.
Maintains the highest standards. Treats others the way you’d like to be treated. Makes the best product. Gives the customer a fair deal.
Exhibits sense of fairness. Leads by example. Consistently lives the Values and Creed.
INSPIRATION TO OTHERS
Walks the talk. Is supportive of others. Helps others develop great ideas. Looks for the best in others. Rewards positive performance. Finds ways to succeed, not reasons to fail. Is willing to do jobs “below them”. Addresses failures in the process, not the people. Accepts responsibility for own failures. Creates vision for team.
DRIVES TOWARDS HIGHEST QUALITY RESULTS
Is creative and innovative. Is a prudent risk-taker. Always looks for new methods and better ways to run the business. Meets annual goals and objectives. Has a passion for the business. Is willing to change. Puts forth quality efforts.
Represents self honestly in all situations, even if it exposes mistakes or weakness. Gives the customer a fair deal. Always does the right thing, even when no one is watching. Walks the talk. Meets commitments. Applies rules across all levels – no exceptions.
OPEN & HONEST COMMUNICATION
Is timely in communications in both directions. Listens actively. Speaks directly, (say what you mean – mean what you say). Listens with empathy and without judgment. Gets all the facts before jumping to conclusions.
Shares success with others. Recognizes others’ achievements timely. Reacts constructively to mistakes. Puts other’s success first. Values team over individual. Creates win/win situations.
Job Type: Full-time
- 401(k) matching
- Dental insurance
- Disability insurance
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Vision insurance
- Cybersecurity: 7 years (Preferred)
- Compliance policy maker: 4 years (Preferred)
- Only full-time employees eligible
- Remote interview process
- Personal protective equipment provided or required
- Social distancing guidelines in place
- Virtual meetings
- Sanitizing, disinfecting, or cleaning procedures in place