Talent.com
Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

Auriga CorporationLos Angeles, CA, US
job_description.job_card.30_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Job Description

Job Description

Benefits :
  • 401(k)
  • 401(k) matching
  • Competitive salary
  • Dental insurance
  • Flexible schedule
  • Health insurance
  • Paid time off
  • Profit sharing
  • Vision insurance

    • Job Summary

    Cybersecurity Engineering Services develop advanced security solutions in line with organizational specifications, regulations, and compliance.

    Job Responsibilities :

    • Assist with security strategy updates addressing the evolving risk landscape.
    • Assist with security governance, aligned to NIST CSF, as required to sustain an effective cybersecurity program.
    • Assist with 3rd parties / projects / initiatives security risk assessments and provide solutions recommendations as needed.
    • Assist with security operations management update / improvement as required.
    • Manage information security-related activities of the agency including the analysis, identification, estimation of InfoSec efforts and the development, planning, testing, and documenting of remediation measures.
    • Develops, conducts, and documents executive-level reporting and strategy formulation.
    • Creates and maintains a centralized information security register to manage all InfoSec information and document changes relevant requirements.
    • Collaborates with internal and external stakeholders to maintain an understanding of current risks, new systems, and changes to the environment.
    • Supports development, implementation, and maintenance of strong security risk & compliance processes for new and existing deployments.
    • Participates in vendor due-diligence processes and third-party security risk management efforts; in addition to performing contract reviews as it relates to Information Security.
    • Supports internal and external audit and assessment processes for relevant compliance (PCI DSS, Privacy, etc.).
    • Creates security guidelines, checklists, and other documentation to support projects and initiatives.
    • Develops and presents metrics, reports, and dashboards.
    • Develops documentation for information security controls, acquisitions, and process or system changes.
    • Stays up to date on developing regulatory concerns, evolving IT, and information security trends.
    • Contributes to ensuring that the Equal Employment Opportunity (EEO) policies and programs are carried out.
    • May be required to perform other related job duties.

      • Knowledge & Experience Requirements

    • Experience working with a transit Universal Fare System (UFS) and the Cubic Payment Application (CPA) as it relates to transportation agency data compliance.
    • Knowledge of cybersecurity technology and compliance in transit systems.
    • Demonstratable strong background in the processes, policies, procedures, systems, practices, and professional standards of cybersecurity.
    • Demonstratable knowledge of industry best practices and relevant legal requirements as they pertain to cybersecurity, compliance, and privacy laws and regulations including TSA / DHS transport directives, DMV rules and regulation and other transportation agency cyber security rules and regulations.
    • Consultant must have delivered similar services (as stated above) during the past 10 years.
    • Experience with modern Security Operations Center (SOC) monitoring, detecting, analyzing, and responding to cyber threats.
    • Experience with conducting Cyber forensics.
    • Experience with major Cyber Incident handling.
    • Experience with preparing and guiding organizations to achieve and sustain compliance with Payment Card Industry Data Security Standard (PCI DSS).
    • Experience with vulnerability scanning, penetration testing, etc. using commercial products.
    • Experience with risk-based prioritization of security vulnerabilities and providing actionable remediation guidance.
    • Experience with cloud based and on-premise Security Information and Event Management (SIEM) tools including administering the tools, reviewing alerts, and providing actionable steps.
    • Experience with Security Orchestration, Automation, and Response (SOAR) platform.

      • Minimum Requirements :

    • 15+ years experience supporting very large companies with skills performing above listed technical security activities.
    • Two of the certifications below :

      • Certified Information Systems Security Professional (CISSP)

    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • GIAC Security Professional (GSEC)
    • Certified Data Privacy Solutions Engineer (CDPSE)
    • Cyber Security Nexus (CSX)
    serp_jobs.job_alerts.create_a_job

    Senior Cybersecurity Engineer • Los Angeles, CA, US