Information Security Engineer II

Local candidates only, that can work 3 days week onsite in Cypress, CA

Our Direct client has an Exceptional Opportunity for Information Security Engineer II for a full-time direct hire position, working a Hybrid schedule, 3 days week onsite in the office, in Cypress, CA 90630

• Full Time Direct Hire
• 3 days week Hybrid in the Office
• Location: Cypress, CA 90630
• Official Position Title: Information Security Engineer II
• Salary $115k - $140k plus bonus and great benefits.

LOCATION: Cypress CA 90630 will be on a Hybrid schedule. 3 days week minimum office time is required.

The Information Security Engineer II will play a crucial role in safeguarding the company's assets and ensuring the confidentiality, integrity, and availability of our information systems and data. The Information Security Engineer II will play a pivotal role in the design, implementation, and maintenance of multiple security solutions. In addition, the Information Security Engineer II will work closely with other teams to promote secure designs and practices across the company to mitigate risks and meet business objectives and regulatory requirements.

Required Skills

• Bachelor’s Degree or equivalent work experience in a related field required
• 3 years’ experience in an Information Security role with responsibilities in assessing application and infrastructure architectures for security threats and vulnerabilities, strongly preferred OR (Alternatively, 5 years’ in a Senior level network/systems role with a strong focus on Security, required)
• Must be self-motivated and able to work independently, with minimal supervision and as part of a team
• Hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Secure Email Gateways, Web Content Filters, Proxies, DLP, SIEM) required
• Solid foundational understanding of networking concepts required
• Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), CompTIA Security , CompTIA Network , highly desirable
• Knowledge and experience with common information security management frameworks and best practices, specifically the National Institute of Standards and Technology (NIST) frameworks and Center for Internet Security (CIS) Critical Security Controls, highly desirable
• Understanding of cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection, preferred
• Experience implementing security concepts with at least one major IaaS vendor is preferred
• Detail oriented with excellent interpersonal communication skills
• Expected to effectively partner and collaborate with other teams on an ongoing basis
• Strong conceptual thinking and communication skills - the ability to translate medium complexity business and technical requirements into effective solutions
• Strong organizational skills and ability to multi-task in an enterprise business environment
• Ability to manage/track completion of multiple ongoing projects and remediation tasks
• Proficient technical documentation skills
• Strong written, verbal and presentation communication skills and ability to communicate at all levels within an organization
• Serve as technical liaison with vendors
• Pursues training and development opportunities; strives to continuously build knowledge and skills
• Assist personnel in other technology departments to resolve technical and/or application issues
• Participate and assist in the coordination of both internal and external audits

client environment has: QRadar, Rapid 7, crowdstrike, Iron Port, Azure, MS 365, AWS, Cisco

Security Roadmap – Ability to guide the organization in the development of the Security Program Roadmap.

• Contribute to the development of the Security Program Roadmap
• Develop an understanding of the organizational risk profile, organizational threats, and 3rd party compliance requirements

Security Engineering - Architects and implements security technologies.

• Assist with identifying potential security technologies and researching their capabilities.
• Contributes to the design and implementation of security solutions
• Contributes to identifying migration / upgrades for end-of-life technologies
• Recommend security improvements to management
• Administer security tools and troubleshoot issues that arise

Threat Management - Ability to understand security threats and their risk to the organization.

• Contribute to the research of new and existing security threats and provide input to their potential risk to the environment
• Understands the anatomy of a breach and provides assistance with investigations

Security Governance - Establish and maintain self-audits, policies, and procedures to provide assurance that information security strategies are aligned with applicable laws and regulations through adherence to internal controls.

• Propose areas for "self-audits" based on security assessments and/or new technology deployments
• Propose security policies or procedures based on security assessments and/or new technology deployments

This position qualifies for:

• Annual Merit Increase opportunity
• annual bonus opportunity Up-to 10% annually
• Paid Sick & Vacation/Health/Dental/401K & Other Benefits

Salary plus bonus and great benefits, the client offers a comprehensive benefits package.