Job DetailsĀ 
Apply Now
Email A Friend
Requisition Number: SS-3791
Job Title: Security Engineer
Area of Interest: Information Technology
Division: Corporate Shared Service
City: Rocklin 95765
State/Province: California
Country: U.S.
Job Description:

The candidate will be a member of the IT Security team responsible for the protection of Enterprise information assets and insures the confidentiality and integrity of associates and business information in compliance with policies and standards. Duties include, providing technical support and direction for security monitoring functions including but not limited to evaluating vulnerabilities, evaluating/isolating malware infections, deploying and administering security tools, facilitating security audits, generating security documentation.

Essential Functions:

-Manage and maintain key Information Security tools to help mature and improve the overall effectiveness of solutions across the organization to safeguard information systems, intellectual property assets and customer data.
-Design, implement and support integration of information security solutions including security architectures, firewall analysis, and developing and coordinating security implementation plans to improve monitoring and compliance functions and drive automation and efficiencies.
-Manage remediation of security issues with technology and business teams to ensure remediation is completed timely and effectively.
-Analyze existing processes to identify improvement opportunities, recommend solutions and lead implementation.
-Establish and implement a repeatable process for tracking, reporting and driving remediation of security issues.
-Assist with the PCI DSS security compliance program including scoping, testing, and remediation activities.
-Help train associates, contractors, alliance or other third parties on information security policies and -procedures.
-Provide skill-set knowledge transfer that ensures necessary cross-training of other IT Security team members.
-Monitors compliance with information security policies and procedures and monitors access control systems to assure appropriate access levels are maintained.
-Develop, support and manage Security metrics & reporting.
-Develop, maintain and enforce standardized, repeatable administrative and operational policies, processes and procedures.
-Serves as enterprise information security consultant, conduct information security risk assessments.
-Lead computer forensic analysis, cyber-crime investigation, incident emergency response and investigations.
-Perform other responsibilities and duties as assigned.

Requirements/ Qualifications:

-BA/BS or equivalent experience.
-IT industry experience of 8-10 years which includes 3-5 years in information security.
-Must have understanding and working knowledge of operating system security, encryption technologies, forensics analysis, penetration testing and vulnerability/risk assessment.
-Prior experience in the retail industry preferred.
-Knowledge of information security principles and best practices in an enterprise setting.
-Experience working in a fast-paced, highly complex environment.
-Experience working with cross-functional teams to deliver results.
-Familiarity with compliance best practices and security frameworks (SOX, PCI DSS, ISO, Data Privacy laws).
-Demonstrated experience with enterprise level security tools in a technically complex environment (e.g. --Data Access Management, IDS/IPS, RedSeal Firewall Review, Tripwire FIM, WAF, DLP, Network Forensics, and Enterprise Log / SIEM).
-Solid understanding of TCP/IP based networks, DNS, firewalls, encryption, open systems security concepts, common attack vectors/types, malware classification and propagation.
-Proven customer facing skills and the ability to effectively communicate at both a high-level and a technical level.
-Excellent written and oral communication skills required.
-A demonstrated understanding of secure design and implementation of software.
-Web security/application security a plus.
-CISSP certification, or ability to obtain via self-study within one year of date of hire, other relevant IT or security certifications.



Apply Now
Email A Friend