Fulltime Network Security Engineer openings in Los Angeles on September 11, 2022

Cyber Engineer – Remote at OCTO CONSULTING GROUP

Location: Los Angeles

Octo is an industry-leading, award-winning provider of digital services for the federal government. Octo specializes in providing agile software engineering, user experience design, cloud services, and digital strategy services that address government’s most pressing missions. Octo delivers intelligent solutions and rapid results, yielding lower costs and measurable outcomes.

Our team is what makes Octo great. At Octo youll work beside some of the smartest and most accomplished staff youll find in your career. Octo offers fantastic benefits and an amazing workplace culture where you will feel valued while you perform mission critical work for our government. Voted one of the region’s best places to work multiple times, Octo is an employer of choice!

Job Description

You

As a Cyber Security Engineer at Octo, you shall have cyber security engineering experience building and securing applications at an Individual Contributor Level, understand all phases of application and service release lifecycle as part of the DevSecOps methodology. A successful candidate knows one or more modern programming languages, has a cyber security background on the cloud, understands computer science fundamentals either through education or experience, and has worked as part of an Agile team to deliver enterprise software solutions across an organization. The candidate shall utilize DevSecOps methodology to successfully secure Platform features/capabilities that are deployed onto a Hybrid infrastructure consisting of onprem and commercial cloud environments.

Us

We were founded as a fresh alternative in the Government Consulting Community and are dedicated to the belief that results are a product of analytical thinking, agile design principles and that solutions are built in collaboration with, not for, our customers. This mantra drives us to succeed and act as true partners in advancing our client’s missions.

Program Mission

Provide macro-level architectural solutions of a multi-region hybrid infrastructure (on-prem and commercial cloud), a cross-cutting application and integration architecture, and a data management and analytics architecture. This effort will provide the Air Force with feature strategic team members integrated with the Kessel Run teams to support a culture of continuous improvement across the teams. Focus on providing DevSecOps software engineering expertise, Kubernetes infrastructure, and multi-region platform services that help modernize Legacy software systems and supporting external DoD software initiatives.

Skills & Requirements

What we’d like to see
• Five-plus (5+) years of experience with Terraform, SIEM, AWS, Single Sign On (SSO), IDP such as Okta, SAML, OIDC.
• Five-plus (5+) years of experience in managing multiple AWS environments (VPCs, firewalls, IAM, GuardDuty, Cloud Trail, WAF such as Signal Sign On).

Desired Skills:
• Effective communication skills to interact with various stakeholders internal and external to the organization.

Years of Experience: 5 years of experience or more

Education: Bachelor’s Degree in a Technical Discipline – Computer Science, Mathematics, or equivalent technical degree

Clearance: U.S. Citizenship required, DoD Secret or higher preferred

Octo is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age, or genetic information. Selected applicant will be subject to a background investigation.
Apply Here
For Remote Cyber Engineer – Remote roles, visit Remote Cyber Engineer – Remote Roles

********

Sr. Principal Systems Security Engineer (Cybersecurity Anti-Tamper) with Active Clearance at Northrop Grumman

Location: Los Angeles

US CITIZENSHIP REQUIRED FOR THIS POSITION: Yes

RELOCATION ASSISTANCE: Relocation assistance may be available

CLEARANCE TYPE: Secret

TRAVEL: Yes, 10% of the Time

Description

Join Northrop Grumman on our continued mission to push the boundaries of possible across land, sea, air, space, and cyberspace. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world’s biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today.

Put your skills to the test by pushing the boundaries of what’s possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you’ll have the opportunity to be an essential part of projects that will define your career, now and in the future.

We are currently seeking a Systems Security Engineer (Cybersecurity Anti-Tamper) with an active clearance to work with our talented Advanced Weapons team in Northridge, CA. The ideal candidate will be supporting one of our Advanced Programs for defining and architecting a secured missile weapon system. This position will require close collaboration with team members of other projects within the organization for security architecture designs as well as external partners and customers.

The selected candidate for this position is required to be on-site. Relocation assistance, while not guaranteed, may be available. This position is contingent upon available funding/program award.

In this role, the selected candidate will (but not be limited to):
• Analyze customer’s concept of operations/employment and cybersecurity/anti-tamper requirements to propose, design, develop, and implement security/protection controls in compliance with government furnished implementation guides
• Analyze existing missile system security architecture, identify and solve potential and actual security problems by architecting an updated system that is resistant to tampering and cyber-attacks using design techniques suggested in government furnished implementation guides
• Implement security improvements/designs by assessing current situation; evaluating industry and Department of Defense (DoD) standards and trends; anticipating requirements
• Maintain technical knowledge by attending educational workshops and reviewing publications
• Develop technical documentation/publication to document trades studies, system designs, analysis, and results related to systems security
• Develop standard and improvement processes for assessing, designing, implementing, and verifying security requirements
• Support the development of the system security engineering team’s training plan for their development in knowledge and skills
• Interface with inter-organizational management and external customers to communicate technical briefing and program status
• Support bid proposals for systems security effort
• Support Program Management activities to ensure cost and schedule objectives are met

Basic Qualifications:
• Must have thirteen (13) years of experience in cybersecurity/anti-tamper requirements development, security and cyber threat analysis, security systems engineering, cyber systems architecture development or cybersecurity policy development. Will consider a BS degree and nine (9) years of related experience, a MS degree and seven (7) years of related experience, OR a PhD and four (4) years of related experience.
• Active DoD Secret Clearance
• Experience with Risk Management Framework (RMF)
• Certification: CISSP, CCSP, CISM or equivalent
• Experience in use of cybersecurity controls/framework, e.g., Department of Defense (DoD) Directives 8500.01, National Institute for Science & Technology (NIST) security publications, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)
• Knowledge of offensive and defensive cyber/security techniques, the latest security principles, techniques, and protocols
• Must have proven experience in communicating with all levels of peers, management. and customers in a methodical, detailed and process-oriented fashion
• Must have demonstrated experience implementing/developing technical solutions to System Security requirements and problems.

Preferred Qualifications:
• Bachelor / Master of Science in a relevant engineering/computer science discipline
• Experience in relevant engineering development, such as software engineering, computer engineering, electrical engineering, computer science, information systems, or equivalent
• Experience working in the defense/missile system
• Active DoD Secret Clearance with periodic reinvestigation within the last five (5) years
• Experience in the use of HP Fortify Software or equivalent security analysis tool

Salary Range: $138,300.00 – $207,500.00

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 [Link available when viewing the job] />
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit [Link available when viewing the job] U.S. Citizenship is required for most positions.
Apply Here
For Remote Sr. Principal Systems Security Engineer (Cybersecurity Anti-Tamper) with Active Clearance roles, visit Remote Sr. Principal Systems Security Engineer (Cybersecurity Anti-Tamper) with Active Clearance Roles

********

Content Security Staff Engineer at Studios Content

Location: Los Angeles

Staff Engineer, Content & Information Security

The Staff Engineer, Content & Information Security, reports into the Senior Manager of Application and Cloud Security at The Walt Disney Studios based in Burbank. This role is part of the team that is responsible for validating that our content creation and delivery platforms, services, applications, workflows, and websites are designed and implemented to the highest security standards. You will be responsible for assisting in the secure design and analysis of the security of cloud-based infrastructures where studio content is produced. This is a deeply technical role, requiring a solid understanding and experience implementing a variety of cloud infrastructure solutions and services, as well as network security, identity, cyber security, privileged access, and related technologies, using solid design principles.

Overall responsibilities
• Lead cloud infrastructure security assessments on studio production content related services, applications, platforms and workflows
• Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
• Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls
• Serves as security technical lead resource and subject matter expert (SME) across all Studio content platforms and services for operational, enhancement, and related activities.
• Partner with the business and engage in secure technical design of cloud solutions based on use cases and business requirements
• Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations
• Serves as security technical lead resource and subject matter expert (SME) across all Studio content platforms and services for operational, enhancement, and related activities.
• Interfaces with IT mission partners, including Networking, Architecture, and Project Delivery, to deliver content security business value
• Establishes and maintains good working relationships with all team members, partners, and customers.
• Advocates for new/enhanced Security services on behalf of customers
• Understands what vulnerabilities are and how to assist teams in remediation of them.
• Contributes requirements to technology selection process
• Stay abreast of emerging technologies and threats as well as proactively assess and evaluate the adoption thereof into the organization
• Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment
• Support studio partners, in the testing and deployment phases of all security solutions initiatives, to ensure smooth operational knowledge development and transition.
• Collaborate with studio partners to ensure all new Security technology deployments include appropriate support documentation and that Security Operations team members are fully trained to take responsibility for monitoring, ongoing support, routine engineering, and operation of the new security technology.
• Develop and expand API framework to interconnect Security Tools
• Responsible for input and feedback on security architectures
• Apply adept understanding and experience with systems automation platforms and technologies
• Engage in efforts that shape the organization’s security policies and standards for use in cloud environments
• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers
• Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls
• Collaborate with application development and infrastructure teams to deliver creative solutions to difficult technology challenges and business requirements
• Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams
• Responsible for automating security controls, data and processes to provide improved metrics and operational support
• Employ cloud-based APIs when suitable to write network/system level tools for safeguarding cloud environments
• Spot and execute new security technologies and best practices into the company’s cloud offerings.
• Mentor Security personnel, to help develop others and to highlight any coverage or skills gaps.
• Must be able to contribute or build policies and procedures around Cloud Security.
• Perform cross-functional troubleshooting of complex issues, as required
• Adhere to all policies, rules, regulations, and procedures.
• Perform other duties or functions as requested by management.

Experience and qualification
• 6-10 Years of experience in cybersecurity and cloud infrastructure engineering/architecture with MS/BS degree in Information System management / Computer Science / Information Security or a related technical discipline
• Significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, cloud infrastructure
• Experience and hands-on expertise in tuning of network sensors like IDS/IPS, DDOS, WAF Technologies.
• Domain expertise of network security sensors such as IDS/IPS, cloud security access broker, DDOS protections, Open DNS, Cloud9, CDN’s etc.
• Detailed understanding of Network Technologies Routers, switches, Load Balancers, firewalls, proxy etc.
• Detailed proficiency with Linux and Windows.
• In depth understanding of TCP/IP protocols.
• Experience with PKI, SSL, SSH, HTTPS etc.
• Knowledge of RESTful web services (client – server application).
• Hands on knowledge of Automation skills, Dev Ops skills etc.
• System admin – Red Hat Linux/Unix, Windows – Experience and knowledge is mandatory.
• Software development domain and principles, including design patterns, code structure, programming languages, continuous integration (Git), continuous deployment (Travis/Jenkins), and deployment orchestration (Chef, puppet, or equivalent).
• Experience with open-source software security sensors (Bro IDS, Suricata, Snort, Molach etc.).
• Experience with network protocols and deep packet inspection.
• Experience with micro services.
• Experience with container technologies such as Kubernetes and Docker.
• Proven experience delivering large scale, highly available security solutions.
• In-Depth Knowledge of Public Cloud such as AWS, Azure and GCP.
• Relevant security certifications such as OSCP, ISC2 CISSP, SANS, CEH, etc. are a major plus.

Required skills
• Must have excellent presentation and written/verbal communication skills
• Experience in technical project management/leading large-scale technology initiatives
• Strong analytical, organizational and decision-making skills
• Willingness to travel occasionally domestically
• Excellent leadership and teamwork skills
• Strong negotiator, self-motivated, and outgoing
• Proven track record of driving application security assessments for an organization

Job-Related Education
• Bachelor’s degree in Computer Science, Information Systems, IT Engineering, or a related field
• AWS-SAA, AWS-CSS, AZ-500, MS-500, AZ-300, CCA, CCP, CCSK, Cloud+, CEH, Pentest+, Linux+, Network+, LPIC-1, GSEC, GCIH, HashiCorp Associate, MCSE, VCP-CMA

DISNEYTECH

#LI-AS3
Apply Here
For Remote Content Security Staff Engineer roles, visit Remote Content Security Staff Engineer Roles

********

Network Security Engineer at NBC Universal

Location: Universal City

• Join NBCUniversal Cyber Security and help us design and implement network security products and services that enable and protect the experience of our businesses.
• This role is a part of the Network Security Engineering team, responsible for network security technology that supports the entire NBCUniversal enterprise.
• You’ll be responsible for design and engineering of network security services that provide visibility and defend the network at all layers.
• + Provide secure design, engineering guidance, support and fulfil new business requests for network tools and services including WAF, DNS, Email and Internet egress
• + Improve tooling utilized to manage web application firewall rules sets and ensure that WAF policies reflect the risk reduction goals of the organization.
• + Participate in On-call rotation to provide off-hours support for critical systems
• + Design network security services to address security vulnerabilities and weaknesses.
• + Develop automation to simplify network security policy administration.
• + Work to improve adjacent network services like DNS, DHCP, IPAM, SMTP and PKI.
• + Conduct security reviews of network services to drive appropriate risk reduction and best practice standards for network security controls.
• + A deep understanding of network security principles and how to apply them.
• + Experience developing and implementing application security, DDoS, Bot Protection, and other Cloud Edge Security services across an enterprise
• + A thirst for improvement and an inclination to thoughtfully challenge the status quo
• + Desire to try things and iterate on them, fail fast, and focus on functionality that matters
• + Analyze HTTP/HTTPS traffic via web application firewall log data for potential issues from malicious attacks or false positives
• + Hands-on experience configuring Cloudflare, Akamaki, F5 or Azure Web Application firewalls
• + Basic experience/knowledge on managing and troubleshooting on DNS, DHCP & IPAM (DDI) protocols and security (DNS and DHCP concepts, IPAM, IP addressing, VLANs).
• Infoblox experience a plus
• + Excellent problem solving and troubleshooting skills, an ability to use various data collection tools and methodologies to analyze problems, determine root cause and develop solutions.
• + Experience with development technologies: Git (Bitbucket or GitHub), Terraform, Ansible
• + Experience with Request Spoofing Tools (Postman, Modify Headers for Google Chrome, jmeter, etc.)
• + Strong knowledge/hands on experience with Python, JavaScript, Bash and APIs
• + Practical experience with secure development techniques and patterns across diverse platforms (ex: OWASP top 10, OWASP API Security, CWE top 25 etc.)
• + Experience with Email Authentication, including implementing policies for SPF, DMARC and DKIM
• + Experience with AWS Lambda, Cloudflare Workers, Google Cloud Functions, or a similar distributed computing platform is preferred.
• + Experience with Palo Alto Networks firewalls, highly segmented and transient networks, or extreme high-performance network environments such as broadcast or research networks.
• + Experience with project management/workflow tools and concepts such as Jira, Agile, Scrum/Kanban etc.
• + Comfortable with scripting or software development.
• NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.
• NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
• If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability.
Apply Here
For Remote Network Security Engineer roles, visit Remote Network Security Engineer Roles

********

Senior Information Security Engineer at Motion Recruitment Partners LLC

Location: Los Angeles

Position: Senior Information Security Engineer / Must live in Los Angeles

One of the world’s top law firms is hiring a Sr. Information Security Engineer to join their Santa Monica office.

You will have the unique opportunity to support a longstanding and dynamic institution as they shift their focus towards the cloud. This is a hybrid opportunity with a company that takes pride in prioritizing employee mental health and wellbeing, by providing free therapy sessions, an onsite gym, a communal working hub environment, among more company perks.
Required Skills & Experience
• At least 4+ years of combined information technology, Cloud infrastructure, and information security experience
• Familiarity with common frameworks; CIS, SOC 2, PCI, NIST, CCPA, GLBA
• Familiarity with various security tools related to DLP, SIEM, EDR, MDM, Network, etc.
The Offer

You will receive the following benefits:
• Medical Insurance
• Dental Benefits
• Vision Benefits
• Paid Time Off (PTO)
• 401(k)

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.

#LI-SS3
Apply Here
For Remote Senior Information Security Engineer roles, visit Remote Senior Information Security Engineer Roles

********

Senior Info Security Engineer – Telecommute at UnitedHealth Group

Location: Los Angeles

Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading edge technology in an industry that’s improving the lives of millions. Here, innovation isn’t about another gadget, it’s about making health care data available wherever and whenever people need it, safely and reliably. Join us and start doing your life’s best work.(sm)

Positions in this function are involved in monitoring, evaluating, and maintaining systems and procedures to safeguard internal information systems, networks, databases, and Web-based security. Conduct vulnerability assessments and monitor systems, network, databases and Web for potential system breaches. Respond to alerts from information security tools. Report, investigate, and resolve security incidents. Recommend and implement changes to enhance systems security and prevent unauthorized access. Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. May oversee internal or external systems security (i.e., cloud services). Ensure that customers and users have the right access to the right systems at the right times.

You’ll enjoy the flexibility to telecommute* from anywhere within the U.S. as you take on some tough challenges.

Primary Responsibilities:
• Serve as the functional subject matter expert for the F5 AWAF technology
• Reporting and reviewing the compliance status and taking remediation actions
• Determine the severity and complexity of issues pertaining to the security and protection of systems data, (autonomously or as part of a team) to ensure the protections, conservation and accountability of proprietary, personal, or privileged electronic data
• Collaborate with director, managers, Service Level Owner and other technical personnel to ensure mitigation of security risks pertaining to the company
• Promote continued integration of technological advances to further enhance security and reduce risks
• Oversee web application security best practices and standards are executed through auditing: change controls, process documentation, firewall configurations, and monitoring
• Evaluates analysis of suggested solutions and innovative approaches to complex issues, as well as complex conceptual analysis, ensuring implementation
• Defines, implements, and maintains web application firewall security policies ensuring mitigation of risks to the IT infrastructure as well as the company
• Promote the development of innovative approaches and solutions to complex problems and issues

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Required Qualifications:
• Undergraduate degree in applicable area of expertise and/or equivalent experience
• 3+ years relevant experience Web Application Firewalls (Ex: F5 AWAF)
• 3+ years experienced analyzing, auditing, researching, developing security policies; standards and procedures
• Ability to manage and ensure compliance with IT structures/processes/technologies
• Ability to collaborate with internal and external stakeholders, as well as communicate with high-level management
• Ability to manage the identification and mitigation of risks and communicate business and technical risk to all levels of audience
• Solid understanding principles and practices of cyber security audits and audit documentation
• Broad knowledge of wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies

Preferred Qualification:
• Demonstrate ability to anticipate and handle critical situations, negotiating solutions, resolving conflict and driving projects to completion

To protect the health and safety of our workforce, patients and communities we serve, UnitedHealth Group and its affiliate companies require all employees to disclose COVID-19 vaccination status prior to beginning employment. In addition, some roles and locations require full COVID-19 vaccination, including boosters, as an essential job function. UnitedHealth Group adheres to all federal, state and local COVID-19 vaccination regulations as well as all client COVID-19 vaccination requirements and will obtain the necessary information from candidates prior to employment to ensure compliance. Candidates must be able to perform all essential job functions with or without reasonable accommodation. Failure to meet the vaccination requirement may result in rescission of an employment offer or termination of employment

Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people’s lives. This is where it’s happening. This is where you’ll help solve the problems that have never been solved. We’re freeing information so it can be used safely and securely wherever it’s needed. We’re creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life’s best work.(sm)

Colorado, Connecticut or Nevada Residents Only: The salary range for Colorado residents is $82,100 to $146,900. The salary range for Connecticut / Nevada residents is $90,500 to $161,600. Pay is based on several factors including but not limited to education, work experience, certifications, etc. In addition to your salary, UnitedHealth Group offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with UnitedHealth Group, you’ll find a far-reaching choice of benefits and incentives.
• All Telecommuters will be required to adhere to UnitedHealth Group’s Telecommuter Policy.

Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
Apply Here
For Remote Senior Info Security Engineer – Telecommute roles, visit Remote Senior Info Security Engineer – Telecommute Roles

********

Security Engineer at Ensono

Location: Los Angeles

Worker Type:

Employee

The primary role of the Mainframe System Security Engineer is to create, modify and maintain security access on internal and external userids and security rules access for mainframe systems. All three security products, ACF2, Top Secret and RACF are utilized for supporting mainframe system access. In addition, they will review security policies, procedures, standards, baselines and may recommend and coordinate security remediation plans involving the implementation of security solutions, both technology and procedures; while maintaining an understanding of security standards, policies and procedures.

Requirements:

Basic Knowledge of Security and good security best practices
• Hands-on administration of RACF, ACF2 and Top Secret login ID’s, dataset and resource rules.
• Monitor system security policy and violations/incidents
• Perform and review daily, weekly, and monthly audit reports
• Liaison with business areas and other technical support areas
• Provide customer support by preparing ad hoc reports and giving presentations
• Monitors the environment for adherence to security standards
• Must be available 24 x7
• Experience using IBM zSecure security products
• Experience with REXX or any programming language is a plus
• iSeries security knowledge a plus

Technical Skills:
• Excellent TSO, JCL, IBM UTILITIES, JES2, and ISPF a must
• Experience with CICS preferred
• Experience using Vanguard security products is desired

General Knowledge:
• Some MVS experience is a plus
• PC Skills (Microsoft Outlook, Word, Excel, PowerPoint)

Personal Skills:
• Strong written and verbal communication skills.
• Strong organizational skills with the ability to manage multiple concurrent project deliverables and the ability to work as a global team.
• Ability to work on own initiatives.
• Strong analytical skills and problem solving skills
• Must be an excellent team player with the ability to work independently in a fast paced environment
• Self starter, detailed oriented and ability to multi task
• Excellent Communication skills required
• Good written skills are required

Education:
• CISSP, CISA, CISM or ITIL Certification a plus
• Bachelors or Masters Degree Preferred
• Other mainframe security products a plus

Primary Location City/State:

Downers Grove, IL – Finley, Illinois

Additional Locations (if applicable):

Homebased – Downers Grove, IL – Finley

Ensono is an Equal Employment Opportunity Employer. Ensono provides equal employment opportunities to all qualified applicants without regard to race, color, religion, national origin, ancestry, citizenship status, sex, marital status, pregnancy, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status, military status, or any other status protected by applicable law.
Apply Here
For Remote Security Engineer roles, visit Remote Security Engineer Roles

********

Sr. Security Engineer at The Lancet

Location: Los Angeles

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

SR. SECURITY ENGINEER

SpaceX is hiring a security engineer to join the security engineering team to help protect and drive the SpaceX mission. Our engineers are responsible for building innovative security solutions to protect against threats to our rockets, spacecraft, and our global satellite internet constellation, Starlink. As a highly visible and dynamic organization, we must value and guard against damage to our internal information, our physical hardware, and our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success.

As a Sr. Security Engineer, you will focus on the “behind the scenes” technologies that ensure our networks and systems are up to industry and SpaceX standards. You will be responsible for providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that the technologies and systems we build in-house or purchase and deploy in-house are designed and maintained in a secure way that minimizes risk.

RESPONSIBILITIES:

Design, build, and maintain technology solutions and systems that provide security for SpaceX systems, networks, and data. This can include:
• Authentication and identity services, including multi-factor solutions, network access control identity servers, and related authentication and authorization technologies.
• Identity lifecycle management services and automation. Build and maintain scripts and automation that support the information security mission across SpaceX, to be utilized by information security teammates and other partner organizations.
• Network security systems and the backend infrastructure that powers such services.
• Application level security controls (e.g. web application firewalls).
• Cloud deployments security policy enforcement, centralized configuration management, monitoring, etc.
• Serve as the subject matter expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
• Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies. Materialize this as improvements which result in stronger and safer software and application deployments across SpaceX, measuring in decreased risk and prevalence of issues.
• Create solutions that are scalable, repeatable, maintainable, and secure.
• Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.

BASIC QUALIFICATIONS:
• Bachelors degree in information systems, information security, computer science, engineering or equivalent technical field of study and 4+ years of information security, networking and/or systems administration experience; OR 6+ years of information security experience without a degree.
• Experience with one or more of the following programming languages: C/C++, Python, Rust, Go.
• Knowledge of network security architectures and primitives (e.g. TLS, Zero-Trust).

PREFERRED SKILLS AND EXPERIENCE:
• Experience building automation between tools and systems.
• Experience performing analytics against aggregated log data, and building configurations to parse and handle log data from systems and tools.
• Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems.
• Familiarity with cloud security services, concepts, and best practices.
• Strong familiarity with software development lifecycle (SDLC) processes and source control technologies.
• Track record of getting things done quickly and with quality.
• Demonstrated ability to operate in a dynamic, evolving environment.
• Ethical character and uncompromised integrity.

ADDITIONAL REQUIREMENTS:
• Willingness to work extended hours and weekends as needed.

ITAR REQUIREMENTS:
• To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceXs Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.
Apply Here
For Remote Sr. Security Engineer roles, visit Remote Sr. Security Engineer Roles

********

Senior Cyber Security Engineer at Zones

Location: Los Angeles

• As a Senior Cybersecurity Solution Engineer, your tasks may vary day-to-day but primarily focus on operating Managed Security Services (MSS), assessing the maturity of legal and regulatory compliance by running security control assessment workshops, vulnerability assessments and penetration tests, risk assessments, security policy alignment, and working on customer implementations of security products and configuration efficiency reviews.
• The ideal candidate will be able to adapt seamlessly to the organization and the customers we serve, be technically savvy, as well as enjoy learning new technologies.
• This role will also work with a team of Solution Engineers that will require mentoring, as well as the creation of a larger set of repeatable reference architectures for use by additional delivery teams.
• This person will also work closely with the Solution Architecture team in assessing customer requirements for potential engagements.
• Key ResponsibilitiesThe requirements listed below are representative of the knowledge, skill, and/or ability required.
• Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
• This role requires intimate involvement with the design, usage, implementation, and support of a variety of technologies, including OEM hardware manufacturers (Cisco and similar), security software (Endpoint, SIEM, XDR, Pen Testing, DevSecOps tools etc.)
• , MFA, AD, among many others
• Ability to lead vulnerability assessments, penetration testing, risk assessments, workshops, and/or security architecture reviews for client-facing engagements
• Lead Customer Cloud proof-of-concepts, implementations, and migrations
• Liaison with the Pre-Sales Solution Architect to validate technical approaches as well as estimated level of effort, in-scope, out-of-scope, etc.
• Work directly with the PMO to coordinate pre-kickoff, implementation as well as long term management duties for each customer engagement
• Specifically, you will be expected to manage expectations for Customer implementations, schedules (timeline), and overall planning both with the internal Zones Team as well as with the Customer
• Creation of specifications, plans and activities to ensure successful Customer implementations or migrations
• Provide responsible, timely, detailed status of progress and expectations
• Drive to change and constantly improve the service that is delivered to the Customer with minimum disruption
• Exposure to legal and regulatory controls, cross-mapping, common-controls, standards, and frameworks; initially this candidate would be expected to act in a secondary role in compliance related engagements.
• The goal would be for this candidate to eventually progress into a lead role for compliance-based engagements
• Minimal travelWe are seeking candidates with the following experience and skills:Required Skills
• Minimum 10 years of experience in cybersecurity, assessment, implementation, SOC, or related fields.
• This position will require you to have OR acquire industry and vendor specific certifications.
• Microsoft Security Certifications
• C|EH: Certified Ethical Hacker
• CISM: Certified Information Security Manager
• CISSP: Certified Information Systems Security Professional
• GSEC: SANS GAIC Security Essentials
• Cisco Fire Jumper or CCNA Security
• Symantec (SCS) DLP, VIP, etc.
• McAfee Product Specialist
• Palo Alto Networks Certified Network Security Engineer
• Other security vendor certifications
• PCI: Qualified Security Assessor
• HIPAA Compliance Understanding and Training (like HCISPP)
• Creation of reference architectures (runbooks) for future reuse by the larger Zones Cloud team
• Exposure to OWASP Top 10 and other application security framework
• Clear comprehension of the overall IT infrastructure and application stack
• Ability to produce and roll out processes and tools to improve effectiveness
• Analytical skills to assist in the resolution of complex issues that may be time sensitive
• Ability to provide high-level support for technical clients
• Clear understanding of various network topologies and protocols
• Ability to estimate effort to complete tasks and meet pre-defined objectives
• Ability to plan, organize, schedule, and manage activities during delivery and management of a project once the primary deliverables are complete
• Experience with multiple information security technologies and design techniques
• Understanding of log file analysis and reporting techniques from multiple sources (servers, firewalls, SIEMs, etc.)
• Firewall and SIEM Configuration and Monitoring Experience
• Scripting skills in any of the common languages (PowerShell, Python, Shell, etc.)
• Nice to have Skills
• CASB / Cloud SOC experience
• Running, managing, or implementing a Security Operations Center (SOC)
• Running, managing, or implementing Managed IT Services
• Meeting Service Level Agreements (SLAs) for SOCs
• Implementing and monitoring Data Loss Prevention tools
• Using and configuring Identity Management Solutions
• Some network configuration experience (Firewalls, VPN, Routers/Switches, and Load Balancers)
• Experience building reports and sharing data with internal and external teamsAs a rapidly growing global provider of IT solutions, we’ve expanded from Seattle to Sydney and beyond – with reach in over 80 countries around the world.
• Today’s top brands count on Zones and our world-class partners – Microsoft, Apple, Cisco, Dell, Lenovo, and more – to transform their enterprises.
• To support this transformation, Zones offers products and services across four Solution Environments: Workplace Modernization, Network Optimization, Data Center Transformation, and Security Fortification.
• Zones offers a comprehensive Benefits packageWhile we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team.
• Our employees enjoy a variety of comprehensive benefits, including medical/dental/vision coverage, life insurance, a 401(k) plan with matching provision, paid time off, and much more.
• And as a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.
• At Zones, work is more than a job – it’s an exciting career immersed in an inventive, collaborative culture.
• If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!
Apply Here
For Remote Senior Cyber Security Engineer roles, visit Remote Senior Cyber Security Engineer Roles

********

Information Security Engineer, DevSecOps at RAND Corporation

Location: Los Angeles

Job Type:

Regular

Information Security Engineer, Dev Sec Ops

RAND Information Security

The RAND Corporation seeks an Information Security Engineer, Dev Sec Ops , with a strong background in both cybersecurity and API-driven automation and orchestration to join the Information Security Architecture and Engineering team.
• The Architecture and Engineering team applies next generation technologies to combat the efforts of advanced persistent threat (APT) adversaries in their attempts to infiltrate and disrupt RAND’s computing services.
• The candidate will apply their experience to streamline ongoing operations while identifying and pursuing opportunities to continuously improve the impact and reliability of our cyber deterrence capabilities applying zero trust architecture (ZTA) network principles through API-driven automation to integrate systems, orchestrate workflows and perform quality assurance checks on network and system configurations.
• The engineer will identify, design, and develop solutions to integrate systems for better interoperation, facilitate continuous quality control of systems configurations, and streamline the analysis of systems vulnerabilities and assist with threat hunting.
• As RAND transitions the bulk of its computing services to cloud infrastructure and services, this role will work with others on the team to identify areas where automation could benefit the cloud security posture.
• The information security team plays an integral role in securing all of RAND’s information systems by setting and verifying security and policy requirements.
• Additionally, RAND’s information security professionals have the unique experience of being able to work with RAND’s cyber policy researchers in support of their policy analysis on emerging cyber threats on ransomware, autonomous vehicles, health care services, critical infrastructure, and our national security capabilities.

DUTIES AND RESPONSIBILITIES AND OTHER SUCCESS CRITERIA

The following duties and responsibilities are expected of the position:
• Developed automated orchestration routines to ensure ongoing protection of cloud services,
• Design and develop solutions to integrate systems across the network to improve interoperation as well as to continuously verify systems configuration against baselines,
• Identify, select, and deploy emerging cloud and hybrid cloud security services across RAND’s cloud services,
• Diagnose and troubleshoot cyber-related network and system performance deficiencies,
• Contribute to the development and maturation of the cybersecurity strategy and roadmap,
• Apply engineering principles to the management of RAND’s cyber infrastructure services,
• Work with all of RAND’s software and web development teams to ensure sound security practices and security is designed and built into the applications from the ground up.
• Initiative-taking and fully responsible for leading technology deliverables, analyzing gaps and driving improvements to RAND’s cyber-deterrence capabilities,
• Provide input to security policies and standards in accordance with changes in regulations, best practices, industry trends or controls required by RAND contracts and grants.
• Experience with relational and No

SQL database technologies
• Experience with C/C#, web frameworks (e.g., Django, Flask or React), Java, JavaScript, Python, Docker and other abstraction and containerization technologies
• Experience designing, implementing, and maintaining cybersecurity configurations in network, boundary appliances or application services
• Some experience working with leading SaaS platform APIs such as Workday, Salesforce or Office 365

MINIMUM QUALIFICATIONS
• A minimum of 5 years’ experience in engineering and cyber deterrence with 3 years’ experience in software engineering with languages such as JavaScript and Python
• A minimum of 3 years’ experience with at least one of AWS, Azure or GCP
• Cloud orchestration technologies including such as AWS Cloud Formations, Azure Kubernetes, and Durable Orchestration
• Hybrid cloud security platforms such as Armor Anywhere and Cloudvisory
• Secure coding standards including OWASP
• Securely managing credentials and secrets for general coding and cloud APIs
• Cyber forensics – conducting cyber investigations and diagnosing indicators of compromise
• Proficiency with infrastructure as code, configuration management and version control systems
• Requirements’ definition, gap analysis and technology assessment and selection
• Industry engagement – ND-ISAC, RSA, Blackhat and others
• Understanding of capabilities central to securing enterprise networks including end point protection, detection and response services, network intrusion detection and prevention systems, behavior-based malware detection, and memory forensics

Stand-out qualifications that would put you ahead of other candidates
• Lead developer responsible for the full stack development of a multitier application responsible for auditing, ensuring the compliance or assisting with threat hunting on a network
• Developed a cyber solution that applied…
Apply Here
For Remote Information Security Engineer, DevSecOps roles, visit Remote Information Security Engineer, DevSecOps Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo