Security | Playa Vista, CA, United States
The Sr. Security Engineer builds processes and deploys security infrastructure components to maintain the confidentiality, integrity and availability of company and client data. This includes a functional role in access control security, operational security, software development security, and compliance. The Security Engineer will also assist with research and development of additional controls to identify misuse of assets, to mitigate compromises, and to perform security troubleshooting.
- Implement the policies for all aspects of information security across the enterprise and production environments
- Build the infrastructure for internal/external penetration tests and vulnerability assessments
- Assist with creating information security policies
- Define security processes following ITIL and industry best practices
- Create the company's Incident Response program
- Construct a repeatable Patch Management and Vulnerability management program
- Make solutions for day to day network security activities
- Design and build the security infrastructure for multiple projects.
- Test and deploy new security technology
- Create security escalation procedures and respond to escalated events
- Implement all changes to security infrastructure in accordance with standard procedures and change control policies and procedures
- Assist with audit and compliance efforts
- Mentor other security engineers and analysts on security best practices.
- 4-year degree in a technical discipline (or equivalent experience) required
- 3+ years’ experience operating as a security resource for a large production operation, an ISP, a large scale web application or a similar environment
- Experience interfacing with partner security policies and managing to third party security requirements
- Experience building enterprise security compliance policies in a mixed operating system environment
- Proven experience with auditing, risk and threat analysis, contingency planning, creating security standards, and various security tools
- Understanding of TCP/IP, Linux, network/system intrusion techniques, firewalls and VPNs
- Security certifications such as: GIAC, CISSP, OSCP, CEH, GPEN preferred
- Project management skills or PMP preferred.
- Strong scripting skills – shell scripting, Ruby, Python, Perl
- Experience working in Web Application Security is a plus