Information Security Engineer II, Cypress

 :

Job Summary:
The Information Security Engineer II will play a crucial role in safeguarding the company's assets and ensuring the confidentiality, integrity, and availability of our information systems and data. The Information Security Engineer II will play a pivotal role in the design, implementation, and maintenance of multiple security solutions. In addition, the Information Security Engineer II will work closely with other teams to promote secure designs and practices across the company to mitigate risks and meet business objectives and regulatory requirements.

Physcial Requirements:
Stand or Sit(Stationary position), Walk(Move, Traverse), Use hand/fingers to handle or feel (Operate, Activate, Use, Prepare, Inspect, Place, Detect, Position), Climb (stairs/ladders) or balance (Ascend/Descend, Work atop, Traverse), Talk/hear(Communicate, Detect, Converse with, Discern, Convey, Express oneself, Exchange information), See (Detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, Assess), Reaching, Repetitive Motion

Function in the Job:
Sedentary Work- Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Job Function:
Security Roadmap – Ability to guide the organization in the development of the Security Program Roadmap.

Contribute to the development of the Security Program Roadmap

Develop an understanding of the organizational risk profile, organizational threats, and 3rd party compliance requirements

Security Engineering - Architects and implements security technologies.

Assist with identifying potential security technologies and researching their capabilities.

Contributes to the design and implementation of security solutions

Contributes to identifying migration / upgrades for end-of-life technologies

Recommend security improvements to management

Administer security tools and troubleshoot issues that arise

Threat Management - Ability to understand security threats and their risk to the organization.

Contribute to the research of new and existing security threats and provide input to their potential risk to the environment

Understands the anatomy of a breach and provides assistance with investigations

Security Governance - Establish and maintain self-audits, policies, and procedures to provide assurance that information security strategies are aligned with applicable laws and regulations through adherence to internal controls.

Propose areas for "self-audits" based on security assessments and/or new technology deployments

Propose security policies or procedures based on security assessments and/or new technology deployments

SUPPLEMENTAL DUTIES

Serve as technical liaison with vendors

Pursues training and development opportunities; strives to continuously build knowledge and skills

Assist personnel in other technology departments to resolve technical and/or application issues

Participate and assist in the coordination of both internal and external audits

Other duties as requested

Required Skills:
Bachelor’s Degree or equivalent work experience in a related field required

3+ years’ experience in an Information Security role with responsibilities in assessing application and infrastructure architectures for security threats and vulnerabilities, strongly preferred

Alternatively, 5+ years’ in a Senior level network/systems role with a strong focus on Security, required

Must be self-motivated and able to work independently, with minimal supervision and as part of a team

Hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Secure Email Gateways, Web Content Filters, Proxies, DLP, SIEM) required

Solid foundational understanding of networking concepts required

Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), CompTIA Security+, CompTIA Network+, highly desirable

Knowledge and experience with common information security management frameworks and best practices, specifically the National Institute of Standards and Technology (NIST) frameworks and Center for Internet Security (CIS) Critical Security Controls, highly desirable

Understanding of cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection, preferred

Experience implementing security concepts with at least one major IaaS vendor is preferred

Detail oriented with excellent interpersonal communication skills

Expected to effectively partner and collaborate with other teams on an ongoing basis

Strong conceptual thinking and communication skills - the ability to translate medium complexity business and technical requirements into effective solutions

Strong organizational skills and ability to multi-task in an enterprise business environment

Ability to manage/track completion of multiple ongoing projects and remediation tasks

Proficient technical documentation skills

Strong written, verbal and presentation communication skills and ability to communicate at all levels within an organization

Compensation Range:
The anticipated compensation for this position is USD $(phone number removed)/Yr. - USD $(phone number removed)/Yr. depending on experience, qualifications, and location.