Fulltime Network Security Engineer openings in California on September 21, 2022

Senior Infrastructure Security Engineer – Network Security at Salesforce.com, Inc

Location: San Francisco

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

Our team is focused on reducing the inherent risk in Salesforce common infrastructure and controls. We execute this by partnering with engineering teams where we offer competent, actionable and meaningful security design advice, conducting threat models and design reviews, leveraging automation to scale our reach/coverage, etc. Our projects are vastly complicated due to the inherent nature of most of the services that we review, but we succeed by recommending solutions that provide meaningfully trade off between security architecture, business, and operational security concerns.

Must Have:
• Demonstrated ability and experience securing large complex enterprise architectures or systems deployed in public cloud
• Demonstrated ability and experience performing threat modeling / data flow diagramming / architecture risk analysis, identifying bugs and flaws and driving work items from these activities to resolution
• Demonstrated ability to work with engineers to identify the trade-offs of different solutions and recommend the ideal design to meet security requirements.
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
• Experience with cloud and on-prem hybrid deployment architecture
• A passion around improving the security development lifecycle and delivering security guidance to engineers in language they understand.
• Strong writing and presentation skills. Should be able to communicate at all levels in the organizations and in some situations act as a technical writer. Possess the ability to communicate concisely, clearly, and intelligently to partners from a variety of backgrounds, including those who are non-technical.
• Offensive mindset: consider abuse and attack paths as well as the defensive mindset to recommendations to prevent them
• Ability to adapt to evolving security and business priorities quickly and effectively.
Nice-to-Have:
• A functional understanding of one or more public cloud providers: AWS / GCP / Azure
• Network specific certifications; CCNP Security, AWS Advanced Networking Specialty, CompTIA Network+, CISSP, GCIH
• Experience with building or specifying requirements for security automation
• Familiarity with SIEM and SOAR tools and abilities
• Experience in automation scripting (Ansible, Terraform)
• Reasonable understanding of cryptography and able to recommend standard solutions for protecting data at rest and in storage, transport and identity purposes
• Ability to work with data, identify trends and propose comprehensive mitigations that eradicate systemic security concerns
• Public profile and history of delivering talks and presentations at leading security conferences. Preference to individuals who have given talks about the the architecture of secured systems
• Experience managing or participating in an information security program and improving or proposing improvements to a secure development lifecycle
• Some experience performing penetration testing or familiarity with the process
• Familiarity with compliance and security requirements and an ability to translate these product requirements.
• Working knowledge of the OWASP Top 10 Security vulnerabilities and/or WASC 25 Security Vulnerabilities
Salesforce, the Customer Success Platform and world’s CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the Worlds Most Innovative Company according to Forbes, and one of Fortunes 100 Best Companies to Work for six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win.

Join us!

For Colorado-based roles: Minimum annual salary of $104,600. You may also be offered a bonus, restricted stock units, and benefits. More details about our company benefits can be found at the following link:

LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form () .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. and Salesforce.org do not accept unsolicited headhunter and agency resumes. and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with () or Salesforce.org .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
Apply Here
For Remote Senior Infrastructure Security Engineer – Network Security roles, visit Remote Senior Infrastructure Security Engineer – Network Security Roles

********

Sr Network and Security Engineer at Harmonic

Location: San Jose

Description

Sr Network and Security Engineer

Harmonic, the worldwide leader in software-based cable access and video delivery solutions, enables media companies and service providers to deliver ultra-high-quality streaming and broadcast services to consumers globally. We revolutionized cable access networking via the industry’s first virtualized cable access solution, enabling cable operators to more flexibly and efficiently deploy gigabit internet service to consumers’ homes and mobile devices. Whether simplifying streaming via innovative SaaS platforms and software-based appliances or powering the delivery of gigabit internet services, we are changing the way media companies and service providers monetize live and on-demand content on every screen. More information is available at www.harmonicinc.com.

Role Summary

Harmonic is recruiting a Sr Network and Security Engineer based at the San Jose headquarters. This role interfaces with engineers teams and reports to the NetSec manager located in France. You will be in charge of designing, optimizing, supervising and contributing to the maintenance in operational conditions of the network architecture within our global infrastructure, Cloud & On-premise, in order to meet the business requirements in terms of performance, availability and security for our internal uses.

What you will be doing
• Design, optimize and secure network architectures in conjunction with the Security Manager, technical engineering teams, R&D teams on all our infrastructure platforms.
• Maintain network and security environments in operational conditions (Switches, Routers, Firewalls, VPN, Internet links, etc.) in an international context.
• Manage ours Cloud solutions
• Supervise and manage alerts for all our production networks (AWS, Azure, Datacenter, Offices, Partners)
• Integration and deployment of security and network equipment
• Participate in security audits
• Security management in accordance with security policies and standards, user management.
• Project management

What You Should Have

At least 10 years of experience in the network and security field, with a strong background in the integration of multi-brand technical solutions, and a willingness to build the network of tomorrow.

Essential Skills
• Excellent knowledge of multi-site network architectures (routing protocol, SD-WAN, Policy Routing, Traffic shaping, automation…)
• Strong experience in heterogeneous environments, firewalling, switching, routing, NAC, email security, VPN technologies.
• Knowledge of technologies such as SASE, SSE, SWG, Multi Cloud Network Architecture

Other Skills
• Knowledge of ITIL practices
• Writing skills (technical and non-technical)
• Ability to adapt in an international environment (multi time zone)
• Good relational skills, sense of service, spirit of analysis and synthesis, autonomy, multi-tasking, dynamism, ability to report work, agility.
• Sense of communication, team spirit, intellectual curiosity, strength of proposal, reactivity, rigor, sense of responsibility and involvement, open-mindedness.

At Harmonic, we believe that building and nurturing a global team with diverse backgrounds and voices is critical to our success. Together, we achieve excellence through creativity and innovation, build relationships based on integrity and mutual respect, and deliver the highest quality in every aspect of our business for the benefit of our employees, business partners and shareholders.

Additional Equal Opportunity statement

Harmonic is an equal opportunity employer. Qualified applicants will receive consideration for employment regardless of gender, race, color, national origin, ancestry, citizenship, religion, age, physical or mental disability, medical condition, genetic information, pregnancy, sexual orientation, gender identity or gender expression, veteran status, or marital status, or any other characteristic protected by federal, state or local law. In addition, we will provide reasonable accommodations for qualified individuals with disabilities.
Apply Here
For Remote Sr Network and Security Engineer roles, visit Remote Sr Network and Security Engineer Roles

********

Network Security Engineer at Noblis

Location: San Diego

Responsibilities

Noblis MSDs scientists, engineers, technical staff, analysts, and program managers identify and deploy new shipboard technologies, integrate information technology across shipboard platforms and shipboard systems, and develop computing and networking strategies to support the Warfighter. Employees create strategic solutions to help customers reach new levels of mission support and transform their organizations.

Noblis MSD is seeking a Network Security Engineer to support the cyber security team in the development of software security solutions. Candidate will develop enhanced capabilities for the security suite and increased functionality. Candidate will work directly with Government leads in the development of a SIEM interface using granular filters and developing correlation rules using NetIQ Sentinel. Must have experience with SIEM server suite technologies. Familiar with Cisco Identity Service Engine (ISE) and clustered solutions.

Candidate will need to lead this software security design effort, working closely with the other functional domains including server and storage team, network development, and the computing software teams. This will require remote and onsite work at Naval Information Warfare Center Pacific.

Qualifications
• Bachelor’s and minimum 3 years related experience or Master’s and minimum 1 year related experience; or a Doctorate without experience; or equivalent work experience (HS-9 AA-6)
• The successful candidate must be proficient in RMF, Red Hat Enterprise Linux (RHEL) Windows 2016 and Cisco security and network technologies
• Active secret clearance with the ability to receive a SCI
• Candidate must be IAT III compliant
• Candidate must possess certification in one of these technologies Microsoft, Cisco Technologies, or Linux
• Candidate must possess certification in one of these IA disciplines
• CAP
• CASP+ CE
• CISM
• CISSP
• GSLC
• CCISO

Client Engagement
· Learn about the Noblis business development lifecycle, processes, tools, and account structure · Contribute specialized domain or technical content to proposal sections or client white papers · Build a productive relationship with your client and understand their structure and goals
Overview

With the continuing impacts of COVID-19 around the world, we are taking action to protect the health and well-being of our colleagues and maintain the safety of the communities where we operate. Noblis seeks an environment free from COVID-19 and prefers all employees to be fully vaccinated for COVID-19. Attestation of vaccination status will be required for employment with Noblis. Unvaccinated employees may be subject to additional health and safety requirements to include any federal, state and/or client restrictions.

Noblis and our wholly owned subsidiaries, Noblis ESI, Noblis MSD and Noblis + Mikros Systems tackle the nation’s toughest problems and apply advanced solutions to our clients’ most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us

Why work at a Noblis company?

Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace.

Noblis is an Equal Opportunity Employer. Employment decisions are made without regard to race (as well as because of or on the basis of traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, pregnancy, childbirth, lactation and related medical conditions, genetic factors, military/veteran status, or other characteristics protected by law.

Noblis is committed to the full inclusion of all qualified individuals. As part of this commitment, Noblis will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact employee-relations@noblis.org.
Apply Here
For Remote Network Security Engineer roles, visit Remote Network Security Engineer Roles

********

Network Security Engineer L2 at S2SSoft

Location: Walnut Creek

Role :
Network Security Engineer – L2

Location : WALNUT CREEK, CA 94597 (NEED TO BE DAY 1 ONSITE) ONLY LOCALS

Job Description:
• Must have experience with Palo Alto
• Manage firewall devices
• Assist in policy management, patch management, vulnerability management and incident management activities
• Hands on experience, installation/replacement of Network hardware
• Create/update/Implement change requests – Firewall Rules
• Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities reporting violations
• Implements security improvements by assessing current situation
• Upgrades system by implementing and maintaining security controls
• Provide network support and assist in projects (new implementations and decommissions)

Role :
Network Security Engineer – L2

Location : WALNUT CREEK, CA 94597 (NEED TO BE DAY 1 ONSITE) ONLY LOCALS

Job Description:
• Must have experience with Palo Alto
• Manage firewall devices
• Assist in policy management, patch management, vulnerability management and incident management activities
• Hands on experience, installation/replacement of Network hardware
• Create/update/Implement change requests – Firewall Rules
• Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities reporting violations
• Implements security improvements by assessing current situation
• Upgrades system by implementing and maintaining security controls
• Provide network support and assist in projects (new implementations and decommissions)
Apply Here
For Remote Network Security Engineer L2 roles, visit Remote Network Security Engineer L2 Roles

********

Infrastructure Security Engineer at Tesla Motors

Location: Palo Alto

As an Infrastructure Security Engineer for Tesla you will analyze fleet connectivity services, continuous integration systems, networks and applications from a security perspective. We are looking for individuals that are skilled at discovering security issues in both source code and in the environment where applications are running. You will get the chance to participate in security audits, risk analysis, vulnerability testing and security reviews.

Responsibilities:
• Work with teams to implement, identify and advance security at Tesla.
• Conduct penetration tests and risk assessments of the environments relating to our product lifecycle.
• Identify software supply chain risks, design and implement mitigations.
• Audit deployment systems, cloud infrastructure and orchestration systems.
• Lead security initiatives and serve as a point of contact.
• Work with vendors, partners, and other Tesla teams to drive remediation.
• Conduct risk assessments to prioritize threats and compare mitigation strategies.
• Assist design teams in developing secure connected systems.
Requirements:
• BS in Computer Science, Physics, Computer Engineering, Information Security, Electrical Engineering or proof of exceptional skills in related fields, with practical software engineering experience.
• Strong investigative and analytical problem-solving skills.
• Experience with secure architecture design. Strong communication skills, both written and spoken.
• Security expertise in one or more of: Rust, Go, Ruby, C#, C/C++.
• Experience with securing one or more of: CI/CD, Artifactory, Kubernetes, Docker, Public Key Infrastructure.
• Knowledge securing software development environments.
• Penetration testing experience.
• Proficient in software development, auditing code and features.
Apply Here
For Remote Infrastructure Security Engineer roles, visit Remote Infrastructure Security Engineer Roles

********

Cybersecurity Engineer 2 at Dexcom

Location: San Diego

About Dexcom

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class – while empowering the community to take control of diabetes. Dexcom reported full-year 2021 revenues of $2.48B, a growth of 27% over 2020. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 7,000 people worldwide.

Position Summary

Dexcom is a high-growth, fast-paced environment where you work with leading-edge, software teams in to ensure the security of modern diabetes medical device systems. We’re seeking a Threat Modeling Security Engineer to provide a structured approach to technical risk modeling that is aligned with SDLC approach and codified controls. You will work alongside highly skilled and passionate innovators who know how to deliver exceptional results while also having some fun along the way. For this Threat Modeling Security Engineer role, you will be joining our Research and Development Cybersecurity team to design and implement new applications and features for Dexcom’s medical device platforms.

As a member of the R&D Cybersecurity team, you will be responsible for reviewing new and existing applications, identifying, and ranking potential risks, providing remediation/mitigation suggestions and direction, as well as documenting your findings for review. Additionally, you will be responsible for working with the various development teams and product managers to ensure that new projects are implemented as design and on time. The ideal candidate is one who has previous experience working in a cloud and mobile environments and has worked to create security-based threat models.

Essential Duties And Responsibilities
• Review cloud and mobile use case architecture to ensure we design confidentiality, integrity, resiliency, and privacy into our products
• Attend design review meetings to identify and document any potential security risks in a cloud or mobile implementation.
• Work with Development Operations (DevOps) to review currently deployed applications and their supporting infrastructure for potential security risks.
• Create,
• Document any findings and recommendations for formal review.
• Identify security-based controls to mitigate any potential risks identified during a security review.
• Advise DevOps team members on security best-practices

Required Qualifications
• 2+ years’ Experience creating security-based threat models for Cloud Applications
• 2-5 years’ Experience working in a Cloud Environment (GCP, Azure, AWS)
• 2-5 years’ Experience working in a Mobile Environment (Android, iOS)
• Experience with using a security-based risk scoring system (CVSS)
• Experience with threat modeling and hazard-analysis frameworks such as STAMP, STRIDE etc.
• Knowledge of OWASP top ten vulnerabilities for web applications and APIs
• Experience with a common scripting language (Python, Bash)

Preferred Qualifications
• Experience leveraging the MITRE ATT&CK™ Framework
• Experience working with Google Cloud Provider (GCP)
• Experience working with common network appliances such as a Web Application Firewall (WAF), SIEM, traditional Firewall, API Gateways, or Load Balancers.
• Previous Web Application development experience
• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
• Cloud Computing certifications such as CCSK, AWS, Azure, and GCP a plus
• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
• Exposure to agile development, DevOps, SecOps and scrum teams
• Familiarity with threat modeling tools such as ThreatModeler, IrisRisk, Threagile
• Experience in Medical device industry and HIPAA regulations

Functional Description

Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities. Designs and develops security features for products including systems, applications and/or solutions. Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle. Provides product security engineering recommendations and resolves integration and testing issues. Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Reviews and defines security diagnostics and tools to facilitate the analysis and reporting of security events. Detects and mitigates security risks, responds to product security incidents, and works with customers regarding product security related issues. Leads or participates in security architecture and design review meetings.

Functional/Business Knowledge
• Possesses a high level of theoretical knowledge. Ability to deliver technical ideas that have an impact on the objectives. Understands organizational and functional processes and policies aligned to the technical and business goals.

Scope
• Demonstrates technical proficiency. Works on moderately complex problems where analysis of situations or data requires evaluation. Exercises judgment within generally defined practices and policies in selecting methods and techniques for obtaining solutions. Interprets data and draws conclusions regarding results used in presented material.

Judgement
• Exercises judgment within defined procedures and practices to determine appropriate action.
• Normally receives general instructions on routine work, detailed instructions on new projects or assignments.

Experience And Education
• Typically requires a Bachelors degree in a technical discipline, and a minimum of 2-5 years related experience or Masters degree and 0-2 years equivalent experience.

If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Dexcom Talent Acquisition at talentacquisition@dexcom.com .

An Equal Opportunity Employer . All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Dexcom’s AAP may be viewed upon request by contacting Talent Acquisition at talentacquisition@dexcom.com .

View the OFCCP’s Pay Transparency Non Discrimination Provision at this link .

UnitedHealthcare creates and publishes the Machine-Readable Files on behalf of Dexcom. To link to the Machine-Readable Files, please click on the URL provided: https://transparency-in-coverage.uhc.com/ .

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.
Apply Here
For Remote Cybersecurity Engineer 2 roles, visit Remote Cybersecurity Engineer 2 Roles

********

Remote Cybersecurity Engineer I at Banner Health

Location: San Diego

Primary City/State:
Phoenix, Arizona

Department Name:
IT Identity Access Mgmt-Corp

Work Shift:
Day

Job Category:
Information Technology

Primary Location Salary Range:
$30.84/hr – $51.40/hr, based on education & experience

In accordance with Colorado’s EPEWA Equal Pay Transparency Rules.

You have a place in the health care industry. If you’re looking to leverage your Information Technology skills to make a real difference – you belong at Banner Health. Apply today.

As a Cybersecurity Engineer I, you will be part of an Enterprise-wide Cybersecurity Engineering team responsible for Identity and Access Management (IAM), tasked with the planning, implementation, and support of the Enterprise IAM Platform. Expertise should include Feature Development and Deployment, Access Certifications, Provisioning, Modeling, Workflows & Automation.

This impactful position will be responsible for the design, deployment, configuration, and maintenance of an IAM platform in a multi-state enterprise environment. Candidates should have experience with various programming and development platforms including Git, Java, JavaScript, PowerShell, SQL, and Agile project management methodologies. They should also have a solid understanding of Identity Access Management and Identity Governance tools, preferably with SailPoint’s IdentityIQ, IdentityNow, or similar. Candidates should also understand IAM best practices that will drive maturity and adoption of the platform across the enterprise.

In addition, a candidate with experience in developing strategies, implementing IAM technologies, integrating IAM technologies with business systems, planning and deploying platform upgrades. Implementation of IAM automation tools is highly desired. The successful individual will be a self-motivated, detail-oriented team player who enjoys working against aggressive delivery goals in a fast-paced, dynamic and technically complex environment. They will also have a passion for building and maintaining cross-organization relationships, drive process simplification, and end-user satisfaction.

This can be a remote position if you live in the following states only: AK AR GA FL ID IN IA KS KY LA MI MN MS MO NM NY NC ND OH OK OR PA SC TN TX UT VA WA WI AZ CA CO NE NV WY

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you’ll find many options for contributing to our award-winning patient care.

POSITION SUMMARY
This position designs, develops, configures, implements, tunes, maintains solutions, resolve technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end-user devices, and provides guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers participate in root-cause analysis efforts to determine improvement opportunities when failures occur. Manage Cyber systems, ensures they are tuned, on the current release and manages appropriate change management across the IT organization and the business.

CORE FUNCTIONS
1. Participates in the design and implementation of cybersecurity solutions.

2. Participates in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software.

3. Participates in the design, implementation, and compliance of secure baseline configurations for applications and infrastructure components.

4. Performs technical assessments of systems and applications to ensure compliance with policy, standards and regulations.

5. Participates in the ongoing evaluation and development of security policies and procedures. Leads the revision of policies and procedures, as needed.

6. Update, sustain, and administer a high level of security for in-house security infrastructures and services.

7. Participates in cybersecurity projects, including the development of project scope requirements, budgeting, work breakdown.

8. Under general direction, this position is responsible for cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor’s degree in Computer Science, Information Security, Information Systems, or a related field.

0-3 years of experience in enterprise-scale information security engineering, preferably in healthcare. Experience with IT operations and or Security operations is also highly desirable. Experience with automation of security processes, coding, and scripting languages. Ability to perform acquisition process, including vendor selection, definition requirements, and contractual documentation development. Ability to document security processes as well as Use case development. Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, and Sarbanes-Oxley. Experienced in assessing and reaching out to vendors for needed features via enhancement requests. Experienced in planning, designing, and implementing cybersecurity solutions. Experienced in operating, maintaining, and the lifecycle of cybersecurity solutions. Knowledge of Security Engineering Principles, including risk management, resilience, vulnerability management, Information Security, and security operations. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communication. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate general knowledge of information technology and information security principles and practices. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required.

PREFERRED QUALIFICATIONS

Certification in one(1)of the following areas Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), CompTIA Security+, Certified Information Systems Security Professional (CISSP) – Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA). Two years as a System Administrator, Security operations or in IT Operations. Or two years risk management or GRC experience in the healthcare/medical environment.

Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans

Our organization supports a drug-free work environment.

Privacy Policy
Apply Here
For Remote Remote Cybersecurity Engineer I roles, visit Remote Remote Cybersecurity Engineer I Roles

********

Cyber Security Engineer at LBL

Location: Morro Bay

Lawrence Berkeley National Lab’s (LBNL) National Energy Research Scientific Computing Center (NERSC) Division has an opening for a Cyber Security Engineer to join the team.

In this exciting role, you will be involved in all aspects of cyber security at NERSC, working both independently and collaboratively with the rest of the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate or lead responses to security incidents, and work with other NERSC staff and end-users to provide security guidance, perform security assessments and reviews, and assist in the remediation or mitigation of cyber security issues.

NERSC is one of the premier supercomputer centers, and our systems are used by more than 7000 users from around the world. We deploy the latest high-performance computing technologies to support our mission to accelerate scientific discovery. The cyber security team helps to make this possible by keeping NERSC computers, networks, and storage accessible and secure.

At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore new emerging technologies, become involved in cross-team projects, attend NERSC seminars on a diverse range of scientific and technical subjects, and continue to expand your cyber security knowledge by attending conferences and training sessions.

What You Will Do:

Monitoring and incident response
• Perform security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, monitoring ticketing queue, and resolution of security incidents.
• Track security issues, and work closely with NERSC staff and end-users to advise and assist in remediation of vulnerabilities within proper timeframes.
• Support and/or lead cyber incident response activities and participate in the full incident response lifecycle.
• Maintain awareness of cybersecurity threats by monitoring a variety of information sources.
• Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.

Maintenance and improvement of security infrastructure
• Maintain existing security systems using automated tools and occasionally perform manual system administration tasks.
• Participate or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, and deployment of new security systems and infrastructure.
• Improve monitoring and data analysis including improvements in security data management and log analysis.
• Create, modify, and add signatures to existing IDS and security monitoring infrastructure.

Security consulting and compliance
• Promote a strong security culture through outreach and technical security consulting.
• Collaborate with system owners and application developers to assess and advise on proposed deployments, perform in-depth security reviews, and ensure cyber security best practices and policies are followed.
• Assist with developing and documenting cyber security guidance, policies, standards, and procedures.

Project lead in one or more of the following areas
• Secure deployment of containerized environments.
• Development and improvement of automated tools, techniques, and documentation used in existing operations.
• Security guidance and oversight in the deployment of Federated Identity and Access Management systems.
• Evaluate Edge Computing Networks and Zero Trust architectures by working with internal and external collaborators.
• Apply data modeling, visualization, machine learning, and statistical analysis techniques to large datasets from a wide range of sources in order to identify unusual and suspicious activity.

What is Required:
• Bachelor’s degree and a minimum of 8 years of related experience; or 6 years and a Master’s degree; or equivalent experience.
• Experience with Linux/Unix system administration, including the use of configuration automation tools such as puppet or ansible.
• Experience with intrusion detection systems (e.g. Snort/Suricata/Zeek), firewalls, log analysis, and network traffic analysis.
• Prior experience in threat hunting, security monitoring and analysis, incident response, penetration testing, vulnerability management and risk assessment, cyber threat intelligence, or similar cyber security role.
• Experience leading a project or team, leading the implementation or administration of systems, or providing direction for a project or team.
• Demonstrated proficiency using vulnerability scanning and application security testing tools.
• Ability to troubleshoot and solve complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Knowledge of system and application security threats and vulnerabilities, attacker exploit techniques, and general cyber security principles and standards.
• Knowledge of network security and upper layer protocols.
• Demonstrated ability to work both independently and collaboratively in an interdisciplinary team.
• Excellent verbal and written communication skills.

Desired Qualifications:
• Cloud technologies and deployment models.
• Federated Identity and Access Management systems.
• Edge Computing Networks and Zero Trust architectures.
• Data analytics tools and their application to security analysis.
• Scripting or programming in C/C++, Java, Python, Shell, or other languages.
• Policy compliance management and technical documentation.
• Prior work in High Performance Computing, higher education or a research environment.

Want to learn more about Berkeley Lab’s Culture, Benefits and answers to FAQs? Please visit: [Link available when viewing the job] />
Notes:
• This is a full-time, career appointment, exempt (monthly paid) from overtime pay.
• This position may be subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.
• Work may be performed on-site, hybrid, full-time telework or remote modes.

Based on University of California Policy – SARS-CoV-2 (COVID-19) Vaccination Program and U.S Federal Government requirements, Berkeley Lab requires that all members of our community obtain the COVID-19 vaccine as soon as they are eligible. As a condition of employment at Berkeley Lab, all Covered Individuals must Participate in the COVID-19 Vaccination Program by providing proof that vaccination requirements have been met or submitting a request for Exception or Deferral. Visit covid.lbl.gov for more information.

Berkeley Lab is committed to Inclusion, Diversity, Equity and Accountability (IDEA) and strives to continue building community with these shared values and commitments. Berkeley Lab is an Equal Opportunity and Affirmative Action Employer. We heartily welcome applications from women, minorities, veterans, and all who would contribute to the Lab’s mission of leading scientific discovery, inclusion, and professionalism. In support of our diverse global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status.

Equal Opportunity and IDEA Information Links:

Know your rights, click here for the supplement: Equal Employment Opportunity is the Law and the Pay Transparency Nondiscrimination Provision under 41 CFR 60-1.4.
Apply Here
For Remote Cyber Security Engineer roles, visit Remote Cyber Security Engineer Roles

********

Principal Cyber Security Engineer at Cubic Corporation

Location: San Diego

Business Unit

Cubic Mission and Performance Solutions

Company Details

Cubic offers an opportunity to provide innovative technology for government and commercial customers around the globe, helping to solve their future problems today. We’re the leading integrator of payment and information technology and services for intelligent travel solutions worldwide, and the leading provider of realistic combat training systems, secure communications and networking and highly specialized support services for military and security forces of the U.S. and allied nations. If you have an entrepreneurial spirit and thrive in an innovative environment, we want to talk to you about your next role at Cubic! We are seeking employees inspired by technology, and motivated by the rewards of hard work, commitment, teamwork, quality, integrity, and respect. We invite you to explore opportunities with Cubic.

Job Details

Job Summary:

The Senior Cyber Security Engineer provides leadership, team coordination, and subject matter expertise in the provision of Information Assurance (IA) and Cybersecurity (CS) support for certification and accreditation (C&A) of risk management framework (RMF) accreditation package and artifact generation. The primary function of this role includes requirements analysis, Security Test and Evaluation (ST&E) plans and execution, risk assessments, systems analysis and hardening, incident response and policy analysis, trusted product evaluations, IA program assessments, and security posture presentations. . Expected to provide analytical support for the development and submission of C&A documentation in compliance with DIACAP or RMF requirements. Ability to apply expertise in technology, analyze the security implications of systems and applications security, and provide recommendations to decision makers and engineers. While this position works independently, it will support activities of the Principal Cyber Security Engineer as needed. This position typically works under limited supervision and direction.

Essential Job Duties And Responsibilities
• Administer computing devices/systems that enforce security policies and audit controls in Windows, Linux and CIsco environments
• Assist in responses to external audits, penetration tests and vulnerability assessments
• Participate in the application of fixes, patches and disaster recovery procedures in the event of a security breach
• Track, assess, and validate Information Assurance Vulnerability Management (IAVMs), Secure Technical Information Guidelines (STIGs), and new policies as necessary
• Support updates to documentation, Vulnerability Management System (VMS), Enterprise Mission Assurance Support Service (eMASS), Xacta IA Manager when required
• Understand and Implement policies, standards, laws, and regulations regarding technical aspects with respect to Information Security
• Support requirements to re-accredit DoD Information Technology and Platform Systems
• Participate in continuous process improvement efforts
• Familiarity with application and network security
• Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software and security incident response

Minimum Job Requirements

Four year college degree in Computer Science or related field plus a minimum of five years of related experience including three years in a system administration (e.g., Network, Windows) role and three years in information security. Must have experience working with compliance and regulatory program requirements. Incumbent must have experience analyzing network, event and security logs, and/or IDS alert logs. Incumbent will have proven organizational skills, specifically managing multiple tasks. Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude are required. Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy are expected. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism are required. Incumbent must have excellent teamwork skills. Required certification is CISSP. Though not required, any of the following licenses or certificates is preferred: CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, PMP, ITIL v3, CompTIA Security +.

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.

Worker Type

Employee
Apply Here
For Remote Principal Cyber Security Engineer roles, visit Remote Principal Cyber Security Engineer Roles

********

Information Security Engineer, Consultant at Blue Shield Of California

Location: Oakland

Blue Shield of California’s mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that truly serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience.

To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our comprehensive approach to diversity, equity, and inclusion combines a focus on our people, processes, and systems with a deep commitment to promoting social justice and health equity through our products, business practices, and presence as a corporate citizen.

Blue Shield has received awards and recognition for being a certified Great Place to Work, best place to work for LGBTQ equality, leading disability employer, one of the best companies for women to advance, Bay Area’s top companies in volunteering & giving, and one of the world’s most ethical companies. Here at Blue Shield of California, we are striving to make a positive change across our industry and the communities we live in – join us!

Your Role

The Security Insights team is responsible for all aspects of application security, ensuring that every step of the software development lifecycle (SDLC) follows security best practices. The Application Security Engineer, Consultant will report to the Senior Manager of Security Insights . In this role you will use a variety of industry leading tools to help identify and report vulnerabilities at each stage of the CI/CD pipeline for Web, Mobile, Cloud, Container, and API services and you will help the organization prioritize and track remediation efforts. You will aid in testing code and applications for security risks before release, and after.

Your Work

In this role, you will:
• Act as an escalation-point and/or with cross-functional teams in regard to high-impact cyber security threat intelligence and analysis, defense platform management, incident response, emergency containment, investigations and forensics, and/or cyber assurance red team penetration testing
• Provide advanced thought leadership regarding escalated cyber security threats, incidents, investigations, tools/services, and/or cyber defense sub-function program management
• Represent BSC IT Security in communications with business units and corporate functions in connection with Cyber Defense portfolio/scope
• Provide expert delivery of cyber security monitoring, incident response, defense platform management, investigations and/or cyber assurance red team penetration testing
• Be responsible for root cause analysis and translating into actionable continuous improvement opportunities to reduce risk and improve effectiveness
• Become a security expert for Blue Shield of California Web, Mobile, Cloud and API services
• Maintain CI/CD best practices and automate security testing at the speed of DevOps
• Ensure security scanners are utilized correctly and develop strategies to proactively secure their architecture.
• Assess coverage of necessary security tools and scanners
• Present Strategic, Operational, and Tactical vulnerability risk reports to a variety of audiences
• Assess vulnerabilities and track issues to resolution

Your Knowledge and Experience
• Requires a bachelor’s degree or equivalent experience
• Requires at least 3 years of prior relevant experience
• Desired Certifications such as CISSP, CSSLP, GWAPT, CASE, GWEB, CASS, CEH
• Experience operating Enterprise SAST, DAST, MAST, and SCA capabilities
• Experience managing Infrastructure-As-Code security policies
• Experience operating with an Agile mindset using common Agile tools and practices
• Deep familiarity with DevSecOps practices

Our Values
• Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we’re going to do and by acknowledging and correcting where we fall short
• Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes
• Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals
Apply Here
For Remote Information Security Engineer, Consultant roles, visit Remote Information Security Engineer, Consultant Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo