Lead Cyber Security Infrastructure Operations Engineer
Posted on Apr 5, 2019 by Request Technology - Anthony Honquest
Lead Cyber Security Operations Engineer
*This position can be located in Rancho Cordova or can be REMOTE but requires occasional travel to the company headquarters in the Rancho Cordova, CA area*
Prestigious Fortune 500 Firm is seeking a true security engineer with devops and server/infrastructure knowledge who can be their go to Lead Cyber Security Operations Engineer.
This position is responsible for the planning, deployment and operations of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, network and endpount security) to address the current and emerging security needs of the business.
This role requires in depth knowledge of infrastructure and cloud technologies. The person in this role will contribute to the development and execution of a cyber security operations framework to ensure control availability, capacity and performance while maintaining the optimal level of security.
The candidate should have a breadth of technical experience in one or more of the following areas: Networks, Operating Systems, Databases, Web Applications, or Cloud implementations. This is a great opportunity for a seasoned technology professional to branch into the cyber security field.
ESSENTIAL DUTIES & RESPONSIBILITIES
- Design, build, and operate cyber security controls for the enterprise.
- Act as the subject matter expert for one of more of the following areas network security, endpoint security, database security, security testing and assurance, or communication security.
- Apply ITIL or other technology management best practices to an enterprise cyber security platform.
- Create and update a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats.
- Engages with security specialists, enterprise architects and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
- Serve as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Serve as an expert in platform, application, storage, network, virtualization, cloud and mobile security best practices.
- Exercise thought leadership in the creation and maintenance of security architectures.
- Lead all resource planning, engagement management, and service development/improvement initiatives for this area.
- Communicate and interact effectively and professionally with co-workers, management, internal and external customers and partners.
- Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
- Maintain communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.
- Develop strong working relationships with and offer continuous assistance and thought leadership to other leaders in the information technology organization.
- Establish and maintain relationships with suppliers and business partners in the information security industry. As needed, draft and negotiate professional services contracts, statements of work, and technology acquisition & support agreements.
- Continuously track and report the status of all development efforts through boardroom-quality visual communication deliverables.
- Educate, coach, and mentor all members of the team on technical, interpersonal, team dynamics, company policy & procedure, enterprise business model and other topics.
- Maintain complete confidentiality of company business.
- Comply with HIPAA, Diversity Principles, Corporate Integrity, Compliance Program policies and other applicable corporate and departmental policies.
CORE COMPETENCIES/KNOWLEDGE & SKILL REQUIREMENTS
- A strong, complete, and working understanding of architecture-level information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
- A strong working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors).
- Strong understanding of systems development life cycle to lead multifunctional projects or initiatives.
- Knowledge of laws, regulations, and standards relevant to the US Healthcare industry.
- Excellent written and verbal communication skills (including technical writing, documentation development, process mapping, and visualization). Must be able to effectively communicate technical concepts to a non-technical audience.
- Externally recognized information security industry thought leadership and innovation accomplishments desired but not required.
EDUCATION, EXPERIENCE & TRAINING REQUIRED
- Bachelors or Masters Degree in Computer Science, Information Systems, or other related field (or equivalent work experience).
- A widely-recognized cyber security technical certification such as GIAC or CISSP is a plus. Certifications in IT areas is strongly recommended.
- Minimum 8 years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. Requires expert knowledge of security principles, issues, techniques and implications across all existing computer platforms.
- Minimum 2 years of experience in information security solution engineering or security service delivery.
- Minimum 2 years of leadership experience with planning and managing security implementations and/or leading a team of technical resources. This role will require the management of several (2 to 4) concurrent large-scale enterprise wide information technology capability development projects.
- Minimum of two years of systems or application monitoring and logging experience. Experience with SPLUNK is highly recommended.
COMMUNICATION & INTERPERSONAL SKILLS
- Must be able to understand fairly complex written and oral instructions
- Ability to clearly present complex/technical subjects and findings to non-technical staff and management
- Exceptional technical writing skills including documentation development, process mapping, and visualization
- Ability to communicate technical concepts and think on the fly
- Ability to create and deliver impactful presentations
- Ability to interact well with co-workers and outside contacts
Please email your resume to: (see below)
Request Technology - Anthony Honquest
Request Technology - Anthony Honquest